Executive Summary
Summary | |
---|---|
Title | New phproupware packages fix several vulnerabilities |
Informations | |||
---|---|---|---|
Name | DSA-798 | First vendor Publication | 2005-09-02 |
Vendor | Debian | Last vendor Modification | 2005-09-02 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:P/A:N) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Several vulnerabilities have been discovered in phpgroupware, a web based groupware system written in PHP. The Common Vulnerabilities and Exposures project identifies the following problems: CAN-2005-2498 Stefan Esser discovered another vulnerability in the XML-RPC libraries that allows injection of arbitrary PHP code into eval() statements. The XMLRPC component has been disabled. CAN-2005-2600 Alexander Heidenreich discovered a cross-site scriptiong problem in the tree view of FUD Forum Bulletin Board Software, which is also present in phpgroupware. CAN-2005-2761 A global cross-site scripting fix has also been included that protects against potential malicious scripts embedded in CSS and xmlns in various parts of the application and modules. This update also contains a postinst bugfix that has been approved for the next update to the stable release. For the old stable distribution (woody) these problems don't apply. For the stable distribution (sarge) these problems have been fixed in version 0.9.16.005-3.sarge2. For the unstable distribution (sid) these problems have been fixed in version 0.9.16.008. We recommend that you upgrade your phpgroupware packages. |
Original Source
Url : http://www.debian.org/security/2005/dsa-798 |
CAPEC : Common Attack Pattern Enumeration & Classification
Id | Name |
---|---|
CAPEC-35 | Leverage Executable Code in Nonexecutable Files |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:9569 | |||
Oval ID: | oval:org.mitre.oval:def:9569 | ||
Title: | Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR XML-RPC for PHP), as used in multiple products including (1) Drupal, (2) phpAdsNew, (3) phpPgAds, and (4) phpgroupware, allows remote attackers to execute arbitrary PHP code via certain nested XML tags in a PHP document that should not be nested, which are injected into an eval function call, a different vulnerability than CVE-2005-1921. | ||
Description: | Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR XML-RPC for PHP), as used in multiple products including (1) Drupal, (2) phpAdsNew, (3) phpPgAds, and (4) phpgroupware, allows remote attackers to execute arbitrary PHP code via certain nested XML tags in a PHP document that should not be nested, which are injected into an eval function call, a different vulnerability than CVE-2005-1921. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-2498 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Application | 1 | |
Os | 1 |
OpenVAS Exploits
Date | Description |
---|---|
2009-10-10 | Name : SLES9: Security update for PHP4 File : nvt/sles9p5021688.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200508-13 (pear-xml_rpc phpxmlrpc) File : nvt/glsa_200508_13.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200508-14 (tikiwiki egroupware) File : nvt/glsa_200508_14.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200508-18 (phpwiki) File : nvt/glsa_200508_18.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200508-20 (phpgroupware) File : nvt/glsa_200508_20.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200508-21 (phpwebsite) File : nvt/glsa_200508_21.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200509-19 (PHP) File : nvt/glsa_200509_19.nasl |
2008-09-04 | Name : FreeBSD Ports: pear-XML_RPC File : nvt/freebsd_pear-XML_RPC1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 789-1 (php4) File : nvt/deb_789_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 798-1 (phpgroupware) File : nvt/deb_798_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 840-1 (drupal) File : nvt/deb_840_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 842-1 (egroupware) File : nvt/deb_842_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 899-1 (egroupware) File : nvt/deb_899_1.nasl |
2006-03-26 | Name : PhpGroupWare Addressbook < 0.9.16 Unspecified Flaw File : nvt/phpgroupware_addressbook_flaw.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2005-242-02 PHP File : nvt/esoft_slk_ssa_2005_242_02.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2005-251-04 php5 in Slackware 10.1 File : nvt/esoft_slk_ssa_2005_251_04.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
18979 | phpGroupWare Main Screen Message Body XSS |
18889 | XML-RPC for PHP (PHPXMLRPC) Nested XML Tags Arbitrary PHP Code Execution XML-RPC for PHP (PHPXMLRPC) contains a flaw that may allow a remote attacker to execute arbitrary PHP code. The problem is that the library does not properly sanitizing certain XML tags that are nested in a parsed PHP document before being used in an 'eval()' call, which may allow a remote attacker to execute arbitrary PHP code resulting in a loss of integrity. |
18699 | FUDforum mid Variable Tree View Arbitrary Restricted Message Access FUDforum contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an attacker modifies the mid HTTP variable, which will disclose arbitrary restricted forum messages resulting in a loss of confidentiality. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-899.nasl - Type : ACT_GATHER_INFO |
2006-07-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-748.nasl - Type : ACT_GATHER_INFO |
2006-05-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_e65ad1bf0d8b11da90d000304823c0d3.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-171-1.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2005-251-04.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2005_051.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2005_049.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2005-146.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200509-19.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-842.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-840.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2005-242-02.nasl - Type : ACT_GATHER_INFO |
2005-09-19 | Name : A remote web application is vulnerable to cross-site scripting. File : phpgroupware_message_script_inject.nasl - Type : ACT_ATTACK |
2005-09-12 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-810.nasl - Type : ACT_GATHER_INFO |
2005-09-12 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-809.nasl - Type : ACT_GATHER_INFO |
2005-09-06 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200508-20.nasl - Type : ACT_GATHER_INFO |
2005-09-06 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200508-21.nasl - Type : ACT_GATHER_INFO |
2005-09-06 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-798.nasl - Type : ACT_GATHER_INFO |
2005-08-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200508-13.nasl - Type : ACT_GATHER_INFO |
2005-08-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200508-14.nasl - Type : ACT_GATHER_INFO |
2005-08-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200508-18.nasl - Type : ACT_GATHER_INFO |
2005-08-30 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-789.nasl - Type : ACT_GATHER_INFO |
2005-08-29 | Name : The remote web server contains a PHP application that is affected by multiple... File : phpadsnew_206.nasl - Type : ACT_ATTACK |
2005-08-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-748.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2016-09-14 01:03:43 |
|
2016-04-26 17:41:17 |
|
2014-02-17 11:34:18 |
|