Test Kennung:	1.3.6.1.4.1.25623.1.0.55298
Kategorie:	CGI abuses
Titel:	Drupal XML-RPC for PHP Remote Code Injection
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote version of Drupal, according to its version number, is vulnerable to remote code injection attacks as a result of a flaw in the bundled version of its XML-RPC library. Solution : Upgrade to 4.5.4/4.6.2 or later. Risk factor : High CVSS Score: 7.5
Querverweis:	BugTraq ID: 14088 Common Vulnerability Exposure (CVE) ID: CVE-2005-2498 14560 http://www.securityfocus.com/bid/14560 16431 http://secunia.com/advisories/16431 16432 http://secunia.com/advisories/16432 16441 http://secunia.com/advisories/16441 16460 http://secunia.com/advisories/16460 16465 http://secunia.com/advisories/16465 16468 http://secunia.com/advisories/16468 16469 http://secunia.com/advisories/16469 16491 http://secunia.com/advisories/16491 16550 http://secunia.com/advisories/16550 16558 http://secunia.com/advisories/16558 16563 http://secunia.com/advisories/16563 16619 http://secunia.com/advisories/16619 16635 http://secunia.com/advisories/16635 16693 http://secunia.com/advisories/16693 16976 http://secunia.com/advisories/16976 17053 http://secunia.com/advisories/17053 17066 http://secunia.com/advisories/17066 17440 http://secunia.com/advisories/17440 20050815 Advisory 15/2005: PHPXMLRPC Remote PHP Code Injection Vulnerability http://www.securityfocus.com/archive/1/408125 20050815 [DRUPAL-SA-2005-004] Drupal 4.6.3 / 4.5.5 fixes critical XML-RPC issue http://marc.info/?l=bugtraq&m=112412415822890&w=2 20050817 [PHPADSNEW-SA-2005-001] phpAdsNew and phpPgAds 2.0.6 fix multiple vulnerabilities http://marc.info/?l=bugtraq&m=112431497300344&w=2 DSA-789 http://www.debian.org/security/2005/dsa-789 DSA-798 http://www.debian.org/security/2005/dsa-798 DSA-840 http://www.debian.org/security/2005/dsa-840 DSA-842 http://www.debian.org/security/2005/dsa-842 FLSA:166943 http://www.fedoralegacy.org/updates/FC2/2005-11-28-FLSA_2005_166943__Updated_php_packages_fix_security_issues.html GLSA-200509-19 http://www.gentoo.org/security/en/glsa/glsa-200509-19.xml RHSA-2005:748 http://www.redhat.com/support/errata/RHSA-2005-748.html SUSE-SA:2005:049 http://www.novell.com/linux/security/advisories/2005_49_php.html SUSE-SA:2005:051 http://marc.info/?l=bugtraq&m=112605112027335&w=2 http://www.hardened-php.net/advisory_152005.67.html oval:org.mitre.oval:def:9569 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9569 Common Vulnerability Exposure (CVE) ID: CVE-2005-1921 1015336 http://securitytracker.com/id?1015336 14088 http://www.securityfocus.com/bid/14088 15810 http://secunia.com/advisories/15810 15852 http://secunia.com/advisories/15852 15855 http://secunia.com/advisories/15855 15861 http://secunia.com/advisories/15861 15872 http://secunia.com/advisories/15872 15883 http://secunia.com/advisories/15883 15884 http://secunia.com/advisories/15884 15895 http://secunia.com/advisories/15895 15903 http://secunia.com/advisories/15903 15904 http://secunia.com/advisories/15904 15916 http://secunia.com/advisories/15916 15917 http://secunia.com/advisories/15917 15922 http://secunia.com/advisories/15922 15944 http://secunia.com/advisories/15944 15947 http://secunia.com/advisories/15947 15957 http://secunia.com/advisories/15957 16001 http://secunia.com/advisories/16001 16339 http://secunia.com/advisories/16339 17674 http://secunia.com/advisories/17674 18003 http://secunia.com/advisories/18003 20050629 Advisory 02/2005: Remote code execution in Serendipity http://marc.info/?l=bugtraq&m=112008638320145&w=2 20050629 [DRUPAL-SA-2005-003] Drupal 4.6.2 / 4.5.4 fixes critical XML-RPC issue http://marc.info/?l=bugtraq&m=112015336720867&w=2 ADV-2005-2827 http://www.vupen.com/english/advisories/2005/2827 DSA-745 http://www.debian.org/security/2005/dsa-745 DSA-746 http://www.debian.org/security/2005/dsa-746 DSA-747 http://www.debian.org/security/2005/dsa-747 GLSA-200507-01 http://security.gentoo.org/glsa/glsa-200507-01.xml GLSA-200507-06 http://security.gentoo.org/glsa/glsa-200507-06.xml GLSA-200507-07 http://security.gentoo.org/glsa/glsa-200507-07.xml HPSBTU02083 http://www.securityfocus.com/archive/1/419064/100/0/threaded MDKSA-2005:109 http://www.mandriva.com/security/advisories?name=MDKSA-2005:109 RHSA-2005:564 http://www.redhat.com/support/errata/RHSA-2005-564.html SSRT051069 SUSE-SA:2005:041 http://www.novell.com/linux/security/advisories/2005_41_php_pear.html SUSE-SR:2005:018 http://www.novell.com/linux/security/advisories/2005_18_sr.html http://pear.php.net/package/XML_RPC/download/1.3.1 http://sourceforge.net/project/showfiles.php?group_id=87163 http://sourceforge.net/project/shownotes.php?release_id=338803 http://www.ampache.org/announce/3_3_1_2.php http://www.drupal.org/security/drupal-sa-2005-003/advisory.txt http://www.gulftech.org/?node=research&article_id=00087-07012005 http://www.hardened-php.net/advisory-022005.php oval:org.mitre.oval:def:11294 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11294 oval:org.mitre.oval:def:350 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A350
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.