CVE Kennung:	CAN-2005-2498
Beschreibung:	Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR XML-RPC for PHP), as used in multiple products including (1) Drupal, (2) phpAdsNew, (3) phpPgAds, and (4) phpgroupware, allows remote attackers to execute arbitrary PHP code via certain nested XML tags in a PHP document that should not be nested, which are injected into an eval function call, a different vulnerability than CVE-2005-1921.
Test Kennungen:	1.3.6.1.4.1.25623.1.0.62671
Querverweise:	Common Vulnerability Exposure (CVE) ID: CVE-2005-2498 Bugtraq: 20050815 Advisory 15/2005: PHPXMLRPC Remote PHP Code Injection Vulnerability (Google Search) http://www.securityfocus.com/archive/1/408125 http://www.hardened-php.net/advisory_152005.67.html Bugtraq: 20050817 [PHPADSNEW-SA-2005-001] phpAdsNew and phpPgAds 2.0.6 fix multiple vulnerabilities (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=112431497300344&w=2 Bugtraq: 20050815 [DRUPAL-SA-2005-004] Drupal 4.6.3 / 4.5.5 fixes critical XML-RPC issue (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=112412415822890&w=2 Debian Security Information: DSA-789 (Google Search) http://www.debian.org/security/2005/dsa-789 Debian Security Information: DSA-798 (Google Search) http://www.debian.org/security/2005/dsa-798 Debian Security Information: DSA-840 (Google Search) http://www.debian.org/security/2005/dsa-840 Debian Security Information: DSA-842 (Google Search) http://www.debian.org/security/2005/dsa-842 http://www.fedoralegacy.org/updates/FC2/2005-11-28-FLSA_2005_166943__Updated_php_packages_fix_security_issues.html http://www.gentoo.org/security/en/glsa/glsa-200509-19.xml RedHat Security Advisories: RHSA-2005:748 http://www.redhat.com/support/errata/RHSA-2005-748.html SuSE Security Announcement: SUSE-SA:2005:051 (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=112605112027335&w=2 SuSE Security Announcement: SUSE-SA:2005:049 (Google Search) http://www.novell.com/linux/security/advisories/2005_49_php.html BugTraq ID: 14560 http://www.securityfocus.com/bid/14560 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9569 http://secunia.com/advisories/16431 http://secunia.com/advisories/16432 http://secunia.com/advisories/16441 http://secunia.com/advisories/16460 http://secunia.com/advisories/16465 http://secunia.com/advisories/16468 http://secunia.com/advisories/16469 http://secunia.com/advisories/16491 http://secunia.com/advisories/16550 http://secunia.com/advisories/16558 http://secunia.com/advisories/16563 http://secunia.com/advisories/16619 http://secunia.com/advisories/16635 http://secunia.com/advisories/16693 http://secunia.com/advisories/16976 http://secunia.com/advisories/17440 http://secunia.com/advisories/17053 http://secunia.com/advisories/17066

Registrierung eines neuen Benutzers Email: Benutzerkennung: Passwort: Bitte schicken Sie mir den monatlichen Newsletter, der mich über die neuesten Services, Verbesserungen und Umfragen informiert. Bitte schicken Sie mir eine Anfälligkeitstest Benachrichtigung, wenn ein neuer Test hinzugefügt wird.     Datenschutz

Anmeldung für registrierte Benutzer   Benutzerkennung:     Passwort:     Benutzerkennung oder Passwort vergessen? Email/Benutzerkennung: