A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system.
XML-RPC is a specification and a set of implementations that allow software running on disparate operating systems and in different environments to make procedure calls over the Internet. XML-RPC uses HTTP for the transport protocol and XML for the data encoding. Several independent implementations of XML-RPC exist for PHP applications.
A common flaw in the way that several XML-RPC PHP implementations pass unsanitized user input to eval() within the XML-RPC server results in a vulnerability that could allow a remote attacker to execute code on a vulnerable system. An attacker with the ability to upload a crafted XML file could insert PHP code that would then be executed by the web application using the vulnerable XML-RPC code.
Remote attackers may be able to execute PHP code of their choosing on a vulnerable system. The code would be executed in the context of the server program that runs the corresponding web application. Secondary impacts of a compromised web service account include, but are not limited to, malicious modification of web site data, information disclosure, and access that may be leveraged to gain additional system privileges.
Upgrade or apply a patch
James Bercegay of the GulfTech Security Research Team reported this issue.
This document was written by Chad R Dougherty.
|Date First Published:||2005-07-06|
|Date Last Updated:||2007-03-09 15:48 UTC|