English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 145615 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.53978
Kategorie:Mandrake Local Security Checks
Titel:Mandrake Security Advisory MDKSA-2005:109 (php-pear)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote host is missing an update to php-pear
announced via advisory MDKSA-2005:109.

A vulnerability was discovered by GulfTech Security in the PHP XML RPC
project. This vulnerability is considered critical and can lead to
remote code execution. The vulnerability also exists in the PEAR
XMLRPC implementation.

Mandriva ships with the PEAR XMLRPC implementation and it has been
patched to correct this problem. It is advised that users examine the
PHP applications they have installed on their servers for any
applications that may come bundled with their own copies of the PEAR
system and either patch RPC.php or use the system PEAR (found in
/usr/share/pear).

Updates have been released for some popular PHP applications such
as WordPress and Serendipity and users are urged to take all
precautions to protect their systems from attack and/or defacement by
upgrading their applications from the authors of the respective
applications.

Affected versions: 10.0, 10.1, 10.2, Corporate 3.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2005:109
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1921
http://www.hardened-php.net/advisory-022005.php

Risk factor : High

CVSS Score:
7.5

Querverweis: BugTraq ID: 14088
Common Vulnerability Exposure (CVE) ID: CVE-2005-1921
1015336
http://securitytracker.com/id?1015336
14088
http://www.securityfocus.com/bid/14088
15810
http://secunia.com/advisories/15810
15852
http://secunia.com/advisories/15852
15855
http://secunia.com/advisories/15855
15861
http://secunia.com/advisories/15861
15872
http://secunia.com/advisories/15872
15883
http://secunia.com/advisories/15883
15884
http://secunia.com/advisories/15884
15895
http://secunia.com/advisories/15895
15903
http://secunia.com/advisories/15903
15904
http://secunia.com/advisories/15904
15916
http://secunia.com/advisories/15916
15917
http://secunia.com/advisories/15917
15922
http://secunia.com/advisories/15922
15944
http://secunia.com/advisories/15944
15947
http://secunia.com/advisories/15947
15957
http://secunia.com/advisories/15957
16001
http://secunia.com/advisories/16001
16339
http://secunia.com/advisories/16339
16693
http://secunia.com/advisories/16693
17440
http://secunia.com/advisories/17440
17674
http://secunia.com/advisories/17674
18003
http://secunia.com/advisories/18003
20050629 Advisory 02/2005: Remote code execution in Serendipity
http://marc.info/?l=bugtraq&m=112008638320145&w=2
20050629 [DRUPAL-SA-2005-003] Drupal 4.6.2 / 4.5.4 fixes critical XML-RPC issue
http://marc.info/?l=bugtraq&m=112015336720867&w=2
ADV-2005-2827
http://www.vupen.com/english/advisories/2005/2827
DSA-745
http://www.debian.org/security/2005/dsa-745
DSA-746
http://www.debian.org/security/2005/dsa-746
DSA-747
http://www.debian.org/security/2005/dsa-747
DSA-789
http://www.debian.org/security/2005/dsa-789
GLSA-200507-01
http://security.gentoo.org/glsa/glsa-200507-01.xml
GLSA-200507-06
http://security.gentoo.org/glsa/glsa-200507-06.xml
GLSA-200507-07
http://security.gentoo.org/glsa/glsa-200507-07.xml
HPSBTU02083
http://www.securityfocus.com/archive/1/419064/100/0/threaded
MDKSA-2005:109
http://www.mandriva.com/security/advisories?name=MDKSA-2005:109
RHSA-2005:564
http://www.redhat.com/support/errata/RHSA-2005-564.html
SSRT051069
SUSE-SA:2005:041
http://www.novell.com/linux/security/advisories/2005_41_php_pear.html
SUSE-SA:2005:049
http://www.novell.com/linux/security/advisories/2005_49_php.html
SUSE-SA:2005:051
http://marc.info/?l=bugtraq&m=112605112027335&w=2
SUSE-SR:2005:018
http://www.novell.com/linux/security/advisories/2005_18_sr.html
http://pear.php.net/package/XML_RPC/download/1.3.1
http://sourceforge.net/project/showfiles.php?group_id=87163
http://sourceforge.net/project/shownotes.php?release_id=338803
http://www.ampache.org/announce/3_3_1_2.php
http://www.drupal.org/security/drupal-sa-2005-003/advisory.txt
http://www.gulftech.org/?node=research&article_id=00087-07012005
http://www.hardened-php.net/advisory-022005.php
oval:org.mitre.oval:def:11294
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11294
oval:org.mitre.oval:def:350
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A350
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.