PHP Developers Network

A community of PHP developers offering assistance, advice, discussion, and friendship.
 
Loading
It is currently Mon Oct 16, 2017 9:11 pm

All times are UTC - 5 hours




Post new topic Reply to topic  [ 2 posts ] 
Author Message
PostPosted: Tue Jul 05, 2005 4:53 am 
Offline
DevNet Master
User avatar

Joined: Thu Aug 15, 2002 5:53 am
Posts: 4235
Location: Sussex, UK
http://news.netcraft.com/archives/2005/07/04/php_blogging_apps_vulnerable_to_xmlrpc_exploits.html wrote:
Many popular PHP-based blogging, wiki and content management programs can be exploited through a security hole in the way PHP programs handle XML commands. The flaw allows an attacker to compromise a web server, and is found in programs including PostNuke, WordPress, Drupal, Serendipity, phpAdsNew, phpWiki and phpMyFAQ, among others.

The flaw affects the XML-RPC function, which has many uses in web applications, including "ping" update notifications for RSS feeds. PHP libraries that allow applications to exchange XML data using remote procedure calls(RPC) fail to fully check incoming data for malicious commands. The affected libraries, including PHPXMLRPC and Pear XML-RPC, are included in many interactive applications written in PHP.

The XML-RPC flaw was discovered by James Bercegay of GulfTech Security Research. Bercegay found that the libraries are "vulnerable to a very high risk remote php code execution vulnerability that may allow for an attacker to compromise a vulnerable webserver ... By creating an XML file that uses single quotes to escape into the eval() call an attacker can easily execute php code on the target server."

Updated copies of the libraries are now available, and immediate upgrades are recommended. The nature of the flaw poses a dilemma for site operators on shared hosting services, who may run affected applications on their sites but not have the ability to update the server's PHP installation with the secure libraries. Disabling XML-RPC features is the recommended workaround.
Posted by Rich Miller at July 4, 2005 02:55 PM


Source: http://news.netcraft.com/archives/2005/ ... loits.html

Those waiting for the results of the community awards - coming very shortly. It's a tight race.


Top
 Profile  
 
 Post subject:
PostPosted: Wed Jul 06, 2005 4:13 am 
Offline
DevNet Master
User avatar

Joined: Thu Aug 15, 2002 5:53 am
Posts: 4235
Location: Sussex, UK
Quick update on this - the vulnerabilities have reportedly been fixed in PEAR::XML-RPC and XML-RPC for PHP. Details see http://www.sitepoint.com/blog-post-view.php?id=278063


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 2 posts ] 

All times are UTC - 5 hours


Who is online

Users browsing this forum: No registered users and 3 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
Powered by phpBB® Forum Software © phpBB Group