[gentoo-announce] [ GLSA 200507-01 ] PEAR XML-RPC, phpxmlrpc: PHP script injection vulnerability - gentoo-announce

From:	Thierry Carrez <koon@g.o>
To:	gentoo-announce@l.g.o
Cc:	bugtraq@×××××××××××××.com, full-disclosure@××××××××××××××.uk, security-alerts@×××××××××××××.com
Subject:	[gentoo-announce] [ GLSA 200507-01 ] PEAR XML-RPC, phpxmlrpc: PHP script injection vulnerability
Date:	Sun, 03 Jul 2005 16:53:16
Message-Id:	`42C81540.2010009@gentoo.org`

1

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

2

Gentoo Linux Security Advisory                           GLSA 200507-01

3

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

4

                                            http://security.gentoo.org/

5

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

6

7

  Severity: High

8

     Title: PEAR XML-RPC, phpxmlrpc: PHP script injection vulnerability

9

      Date: July 03, 2005

10

      Bugs: #97399, #97629

11

        ID: 200507-01

12

13

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

14

15

Synopsis

16

========

17

18

The PEAR XML-RPC and phpxmlrpc libraries allow remote attackers to

19

execute arbitrary PHP script commands.

20

21

Background

22

==========

23

24

The PEAR XML-RPC and phpxmlrpc libraries are both PHP implementations

25

of the XML-RPC protocol.

26

27

Affected packages

28

=================

29

30

    -------------------------------------------------------------------

31

     Package               /  Vulnerable  /                 Unaffected

32

    -------------------------------------------------------------------

33

  1  dev-php/PEAR-XML_RPC       < 1.3.1                       >= 1.3.1

34

  2  dev-php/phpxmlrpc          < 1.1.1                       >= 1.1.1

35

    -------------------------------------------------------------------

36

     2 affected packages on all of their supported architectures.

37

    -------------------------------------------------------------------

38

39

Description

40

===========

41

42

James Bercegay of GulfTech Security Research discovered that the PEAR

43

XML-RPC and phpxmlrpc libraries fail to sanatize input sent using the

44

"POST" method.

45

46

Impact

47

======

48

49

A remote attacker could exploit this vulnerability to execute arbitrary

50

PHP script code by sending a specially crafted XML document to web

51

applications making use of these libraries.

52

53

Workaround

54

==========

55

56

There are no known workarounds at this time.

57

58

Resolution

59

==========

60

61

All PEAR-XML_RPC users should upgrade to the latest available version:

62

63

    # emerge --sync

64

    # emerge --ask --oneshot --verbose ">=dev-php/PEAR-XML_RPC-1.3.1"

65

66

All phpxmlrpc users should upgrade to the latest available version:

67

68

    # emerge --sync

69

    # emerge --ask --oneshot --verbose ">=dev-php/phpxmlrpc-1.1.1"

70

71

References

72

==========

73

74

  [ 1 ] CAN-2005-1921

75

        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1921

76

  [ 2 ] GulfTech Advisory

77

        http://www.gulftech.org/?node=research&article_id=00088-07022005

78

79

Availability

80

============

81

82

This GLSA and any updates to it are available for viewing at

83

the Gentoo Security Website:

84

85

  http://security.gentoo.org/glsa/glsa-200507-01.xml

86

87

Concerns?

88

=========

89

90

Security is a primary focus of Gentoo Linux and ensuring the

91

confidentiality and security of our users machines is of utmost

92

importance to us. Any security concerns should be addressed to

93

security@g.o or alternatively, you may file a bug at

94

http://bugs.gentoo.org.

95

96

License

97

=======

98

99

Copyright 2005 Gentoo Foundation, Inc; referenced text

100

belongs to its owner(s).

101

102

The contents of this document are licensed under the

103

Creative Commons - Attribution / Share Alike license.

104

105

http://creativecommons.org/licenses/by-sa/2.0

Gentoo Archives: gentoo-announce

Attachments

1	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2	Gentoo Linux Security Advisory GLSA 200507-01
3	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4	http://security.gentoo.org/
5	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
6
7	Severity: High
8	Title: PEAR XML-RPC, phpxmlrpc: PHP script injection vulnerability
9	Date: July 03, 2005
10	Bugs: #97399, #97629
11	ID: 200507-01
12
13	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
14
15	Synopsis
16	========
17
18	The PEAR XML-RPC and phpxmlrpc libraries allow remote attackers to
19	execute arbitrary PHP script commands.
20
21	Background
22	==========
23
24	The PEAR XML-RPC and phpxmlrpc libraries are both PHP implementations
25	of the XML-RPC protocol.
26
27	Affected packages
28	=================
29
30	-------------------------------------------------------------------
31	Package / Vulnerable / Unaffected
32	-------------------------------------------------------------------
33	1 dev-php/PEAR-XML_RPC < 1.3.1 >= 1.3.1
34	2 dev-php/phpxmlrpc < 1.1.1 >= 1.1.1
35	-------------------------------------------------------------------
36	2 affected packages on all of their supported architectures.
37	-------------------------------------------------------------------
38
39	Description
40	===========
41
42	James Bercegay of GulfTech Security Research discovered that the PEAR
43	XML-RPC and phpxmlrpc libraries fail to sanatize input sent using the
44	"POST" method.
45
46	Impact
47	======
48
49	A remote attacker could exploit this vulnerability to execute arbitrary
50	PHP script code by sending a specially crafted XML document to web
51	applications making use of these libraries.
52
53	Workaround
54	==========
55
56	There are no known workarounds at this time.
57
58	Resolution
59	==========
60
61	All PEAR-XML_RPC users should upgrade to the latest available version:
62
63	# emerge --sync
64	# emerge --ask --oneshot --verbose ">=dev-php/PEAR-XML_RPC-1.3.1"
65
66	All phpxmlrpc users should upgrade to the latest available version:
67
68	# emerge --sync
69	# emerge --ask --oneshot --verbose ">=dev-php/phpxmlrpc-1.1.1"
70
71	References
72	==========
73
74	[ 1 ] CAN-2005-1921
75	http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1921
76	[ 2 ] GulfTech Advisory
77	http://www.gulftech.org/?node=research&article_id=00088-07022005
78
79	Availability
80	============
81
82	This GLSA and any updates to it are available for viewing at
83	the Gentoo Security Website:
84
85	http://security.gentoo.org/glsa/glsa-200507-01.xml
86
87	Concerns?
88	=========
89
90	Security is a primary focus of Gentoo Linux and ensuring the
91	confidentiality and security of our users machines is of utmost
92	importance to us. Any security concerns should be addressed to
93	security@g.o or alternatively, you may file a bug at
94	http://bugs.gentoo.org.
95
96	License
97	=======
98
99	Copyright 2005 Gentoo Foundation, Inc; referenced text
100	belongs to its owner(s).
101
102	The contents of this document are licensed under the
103	Creative Commons - Attribution / Share Alike license.
104
105	http://creativecommons.org/licenses/by-sa/2.0