| Vulnerability Name: | CVE-2005-2498 (CCN-21842) | ||||||||||||||||||||||||||||||||
| Assigned: | 2005-08-14 | ||||||||||||||||||||||||||||||||
| Published: | 2005-08-14 | ||||||||||||||||||||||||||||||||
| Updated: | 2017-10-11 | ||||||||||||||||||||||||||||||||
| Summary: | Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR XML-RPC for PHP), as used in multiple products including (1) Drupal, (2) phpAdsNew, (3) phpPgAds, and (4) phpgroupware, allows remote attackers to execute arbitrary PHP code via certain nested XML tags in a PHP document that should not be nested, which are injected into an eval function call, a different vulnerability than CVE-2005-1921. | ||||||||||||||||||||||||||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||||||||||||||||||||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
| ||||||||||||||||||||||||||||||||
| Vulnerability Type: | CWE-Other | ||||||||||||||||||||||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||||||||||||||||||||||
| References: | Source: MITRE Type: CNA CVE-2005-2498 Source: BUGTRAQ Type: UNKNOWN 20050815 [DRUPAL-SA-2005-004] Drupal 4.6.3 / 4.5.5 fixes critical XML-RPC issue Source: BUGTRAQ Type: UNKNOWN 20050817 [PHPADSNEW-SA-2005-001] phpAdsNew and phpPgAds 2.0.6 fix multiple vulnerabilities Source: SUSE Type: UNKNOWN SUSE-SA:2005:051 Source: CCN Type: BugTraq Mailing List, 2005-08-15 2:34:50 [DRUPAL-SA-2005-004] Drupal 4.6.3 / 4.5.5 fixes critical XML-RPC issue Source: CCN Type: The PHP Group Web site PEAR :: Package :: XML_RPC Source: CCN Type: XML-RPC for PHP Web site XML-RPC for PHP Source: CCN Type: RHSA-2005-748 php security update Source: CCN Type: SA16431 XML-RPC for PHP Nested XML Tags PHP Code Execution Source: SECUNIA Type: UNKNOWN 16431 Source: CCN Type: SA16432 Drupal XML-RPC PHP Code Execution Vulnerability Source: SECUNIA Type: UNKNOWN 16432 Source: CCN Type: SA16441 phpMyFAQ XML-RPC Nested XML Tags PHP Code Execution Source: SECUNIA Type: UNKNOWN 16441 Source: CCN Type: SA16460 Nucleus CMS XML-RPC Nested XML Tags PHP Code Execution Source: SECUNIA Type: UNKNOWN 16460 Source: CCN Type: SA16465 eGroupWare XML-RPC Nested XML Tags PHP Code Execution Source: SECUNIA Type: UNKNOWN 16465 Source: CCN Type: SA16468 phpAdsNew Multiple Vulnerabilities Source: SECUNIA Type: UNKNOWN 16468 Source: CCN Type: SA16469 phpPgAds Multiple Vulnerabilities Source: SECUNIA Type: UNKNOWN 16469 Source: CCN Type: SA16491 MailWatch for MailScanner XML-RPC PHP Code Execution Source: SECUNIA Type: UNKNOWN 16491 Source: SECUNIA Type: UNKNOWN 16550 Source: CCN Type: SA16558 phpGroupWare Multiple Vulnerabilities Source: SECUNIA Type: UNKNOWN 16558 Source: CCN Type: SA16563 TikiWiki XML-RPC Nested XML Tags PHP Code Execution Source: SECUNIA Type: UNKNOWN 16563 Source: SECUNIA Type: UNKNOWN 16619 Source: SECUNIA Type: UNKNOWN 16635 Source: CCN Type: SA16693 MAXdev MD-Pro Multiple Vulnerabilities Source: SECUNIA Type: UNKNOWN 16693 Source: SECUNIA Type: UNKNOWN 16976 Source: SECUNIA Type: UNKNOWN 17053 Source: SECUNIA Type: UNKNOWN 17066 Source: CCN Type: SA17440 b2evolution XML-RPC PHP Code Execution Vulnerabilities Source: SECUNIA Type: UNKNOWN 17440 Source: CCN Type: TikiWiki Web site ReleaseProcess186 Source: CCN Type: CIAC INFORMATION BULLETIN P-282 PHP PEAR XML-RPC Server Package Vulnerability Source: DEBIAN Type: UNKNOWN DSA-789 Source: DEBIAN Type: UNKNOWN DSA-798 Source: DEBIAN Type: UNKNOWN DSA-840 Source: DEBIAN Type: UNKNOWN DSA-842 Source: DEBIAN Type: DSA-789 php4 -- several vulnerabilities Source: DEBIAN Type: DSA-798 phpgroupware -- several vulnerabilities Source: DEBIAN Type: DSA-840 drupal -- missing input sanitising Source: DEBIAN Type: DSA-842 egroupware -- missing input sanitising Source: CCN Type: Fedora Legacy Update Advisory FLSA:166943 Updated php packages fix security issues Source: FEDORA Type: UNKNOWN FLSA:166943 Source: CCN Type: GLSA-200508-13 PEAR XML-RPC, phpxmlrpc: New PHP script injection vulnerability Source: CCN Type: GLSA-200508-14 TikiWiki, eGroupWare: Arbitrary command execution through XML-RPC Source: CCN Type: GLSA-200508-18 PhpWiki: Arbitrary command execution through XML-RPC Source: CCN Type: GLSA-200508-20 phpGroupWare: Multiple vulnerabilities Source: CCN Type: GLSA-200508-21 phpWebSite: Arbitrary command execution through XML-RPC and SQL injection Source: CCN Type: GLSA-200509-19 PHP: Vulnerabilities in included PCRE and XML-RPC libraries Source: GENTOO Type: UNKNOWN GLSA-200509-19 Source: CCN Type: Hardened-PHP Project Security Advisory 15/2005 PHPXMLRPC Remote PHP Code Injection Vulnerability Source: MISC Type: Patch, Vendor Advisory http://www.hardened-php.net/advisory_152005.67.html Source: SUSE Type: UNKNOWN SUSE-SA:2005:049 Source: CCN Type: OSVDB ID: 18887 phpPgAds / phpAdsNew js-form.php language Parameter Traversal Arbitrary File Access Source: REDHAT Type: UNKNOWN RHSA-2005:748 Source: BUGTRAQ Type: UNKNOWN 20050815 Advisory 15/2005: PHPXMLRPC Remote PHP Code Injection Vulnerability Source: BID Type: UNKNOWN 14560 Source: CCN Type: BID-14560 PHPXMLRPC and PEAR XML_RPC Remote Code Injection Vulnerability Source: CCN Type: USN-171-1 PHP4 vulnerabilities Source: XF Type: UNKNOWN phpxmlrpc-eval-code-execution(21842) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:9569 Source: SUSE Type: SUSE-SA:2005:049 php4 php5: remote code execution Source: SUSE Type: SUSE-SA:2005:051 php4 php5: remote code execution | ||||||||||||||||||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration RedHat 1:  Denotes that component is vulnerable | ||||||||||||||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||
| BACK | |||||||||||||||||||||||||||||||||