Executive Summary
Summary | |
---|---|
Title | PHP4 vulnerabilities |
Informations | |||
---|---|---|---|
Name | USN-171-1 | First vendor Publication | 2005-08-20 |
Vendor | Ubuntu | Last vendor Modification | 2005-08-20 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:P/A:N) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) Ubuntu 5.04 (Hoary Hedgehog) The following packages are affected: php4-dev php4-pear The problem can be corrected by upgrading the affected package to version 4:4.3.8-3ubuntu7.12 (for Ubuntu 4.10), or 4:4.3.10-10ubuntu4.1 (for Ubuntu 5.04). In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: CAN-2005-1751: The php4-dev package ships a copy of the "shtool" utility in CAN-1005-1759: The creation of temporary files in shtool was also vulnerable to a CAN-2005-2498: Stefan Esser discovered another remote code execution vulnerability in In Ubuntu, the PEAR extension is unsupported (it is contained in the Please note that many applications contain a copy of the affected - drupal These packages might be fixed by the community later. The following common third party applications might be affected as - Serendipity If you run any affected software, please check whether you are |
Original Source
Url : http://www.ubuntu.com/usn/USN-171-1 |
CAPEC : Common Attack Pattern Enumeration & Classification
Id | Name |
---|---|
CAPEC-35 | Leverage Executable Code in Nonexecutable Files |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:345 | |||
Oval ID: | oval:org.mitre.oval:def:345 | ||
Title: | shtool Race Condition | ||
Description: | Race condition in shtool 2.0.1 and earlier allows local users to create or modify arbitrary files via a symlink attack on the .shtool.$$ temporary file, a different vulnerability than CVE-2005-1759. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-1751 | Version: | 1 |
Platform(s): | Red Hat Enterprise Linux 3 | Product(s): | php |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9569 | |||
Oval ID: | oval:org.mitre.oval:def:9569 | ||
Title: | Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR XML-RPC for PHP), as used in multiple products including (1) Drupal, (2) phpAdsNew, (3) phpPgAds, and (4) phpgroupware, allows remote attackers to execute arbitrary PHP code via certain nested XML tags in a PHP document that should not be nested, which are injected into an eval function call, a different vulnerability than CVE-2005-1921. | ||
Description: | Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR XML-RPC for PHP), as used in multiple products including (1) Drupal, (2) phpAdsNew, (3) phpPgAds, and (4) phpgroupware, allows remote attackers to execute arbitrary PHP code via certain nested XML tags in a PHP document that should not be nested, which are injected into an eval function call, a different vulnerability than CVE-2005-1921. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-2498 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Os | 1 |
OpenVAS Exploits
Date | Description |
---|---|
2009-10-10 | Name : SLES9: Security update for PHP4 File : nvt/sles9p5021688.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200506-08 (GNU shtool) File : nvt/glsa_200506_08.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200508-13 (pear-xml_rpc phpxmlrpc) File : nvt/glsa_200508_13.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200508-14 (tikiwiki egroupware) File : nvt/glsa_200508_14.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200508-18 (phpwiki) File : nvt/glsa_200508_18.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200508-20 (phpgroupware) File : nvt/glsa_200508_20.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200508-21 (phpwebsite) File : nvt/glsa_200508_21.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200509-19 (PHP) File : nvt/glsa_200509_19.nasl |
2008-09-04 | Name : FreeBSD Ports: pear-XML_RPC File : nvt/freebsd_pear-XML_RPC1.nasl |
2008-09-04 | Name : FreeBSD Ports: shtool File : nvt/freebsd_shtool.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 789-1 (php4) File : nvt/deb_789_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 798-1 (phpgroupware) File : nvt/deb_798_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 840-1 (drupal) File : nvt/deb_840_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 842-1 (egroupware) File : nvt/deb_842_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2005-242-02 PHP File : nvt/esoft_slk_ssa_2005_242_02.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2005-251-04 php5 in Slackware 10.1 File : nvt/esoft_slk_ssa_2005_251_04.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
18889 | XML-RPC for PHP (PHPXMLRPC) Nested XML Tags Arbitrary PHP Code Execution XML-RPC for PHP (PHPXMLRPC) contains a flaw that may allow a remote attacker to execute arbitrary PHP code. The problem is that the library does not properly sanitizing certain XML tags that are nested in a parsed PHP document before being used in an 'eval()' call, which may allow a remote attacker to execute arbitrary PHP code resulting in a loss of integrity. |
16848 | shtool Symlink Arbitrary File Manipulation shtool contains a flaw that may allow a malicious local user to overwrite or create arbitrary files on the system. The issue is due to the script creating temporary files insecurely. It is possible for a user to use a symlink style attack to manipulate arbitrary files, resulting in a loss of integrity. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2006-07-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-748.nasl - Type : ACT_GATHER_INFO |
2006-07-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-564.nasl - Type : ACT_GATHER_INFO |
2006-05-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_e65ad1bf0d8b11da90d000304823c0d3.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-171-1.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2005-251-04.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2005_051.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2005_049.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2005-146.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200509-19.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2005-242-02.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-840.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-842.nasl - Type : ACT_GATHER_INFO |
2005-09-12 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-809.nasl - Type : ACT_GATHER_INFO |
2005-09-12 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-810.nasl - Type : ACT_GATHER_INFO |
2005-09-06 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200508-20.nasl - Type : ACT_GATHER_INFO |
2005-09-06 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200508-21.nasl - Type : ACT_GATHER_INFO |
2005-09-06 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-798.nasl - Type : ACT_GATHER_INFO |
2005-08-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200508-13.nasl - Type : ACT_GATHER_INFO |
2005-08-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200508-14.nasl - Type : ACT_GATHER_INFO |
2005-08-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200508-18.nasl - Type : ACT_GATHER_INFO |
2005-08-30 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-789.nasl - Type : ACT_GATHER_INFO |
2005-08-29 | Name : The remote web server contains a PHP application that is affected by multiple... File : phpadsnew_206.nasl - Type : ACT_ATTACK |
2005-08-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-748.nasl - Type : ACT_GATHER_INFO |
2005-07-13 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_6596bb80d02611d99aed000e0c2e438a.nasl - Type : ACT_GATHER_INFO |
2005-07-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-564.nasl - Type : ACT_GATHER_INFO |
2005-07-06 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-517.nasl - Type : ACT_GATHER_INFO |
2005-07-06 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-518.nasl - Type : ACT_GATHER_INFO |
2005-06-11 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200506-08.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 12:01:26 |
|
2013-05-11 12:25:09 |
|