Welcome to Kuwait Linux User Group - OpenSource free stuff

Search   in  

 Create an AccountHome | Gallery | Submit News | Your Account | Content | Topics | Top 10  

Modules
· Home
· Advertising
· Downloads
· FAQ
· Forums
· PHP-Nuke Tools
· Stories Archive
· Submit News
· Surveys
· Top 10
· Topics
· Tutorials
· Web Links
· Your Account

Search
Google
Web q8linux.net

  
PEAR XML_RPC Remote PHP Code Injection Vulnerability
Posted on Thursday, August 25, 2005 @ 18:25:36 AST
Topic: advisories
advisorieshardened-php.net :

       PEAR XML_RPC is the PEAR-ified version of Useful Inc's XML-RPC
for PHP, which is a PHP implementation of the XML-RPC protocol. It has support for HTTP transport, proxies and authentication.

After Gulftech released their PHP code injection advisory in the end of June 2005 we sheduled the code for an audit from our side. Unfortunately we were able to find another vulnerability in the XML-RPC libraries that allows injection of arbitrary PHP code into eval() statements.

complete story


PEAR XML_RPC Remote PHP Code Injection Vulnerability | Login/Create an Account | 0 comments
The comments are owned by the poster. We aren't responsible for their content.
 
Related Websites

Related Links
· More about advisories
· News by meshal
Most read story about advisories:
Local Root Exploit in Linux 2.4.xx and 2.6.xx


Article Rating
Average Score: 0
Votes: 0

Please take a second and vote for this article:

Excellent
Very Good
Good
Regular
Bad


Options

 Printer Friendly Printer Friendly


Associated Topics

advisories

All logos and trademarks in this site are property of their respective owner. The comments are property of their posters, all the rest ©2004-2008 by Q8linux.كويت لينكس
PHP-Nuke Copyright © 2004 by Francisco Burzi. This is free software, and you may redistribute it under the GPL. PHP-Nuke comes with absolutely no warranty, for details, see the license.
Page Generation: 0.07 Seconds