CVE-2006-0147

Sažetak

Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PhpOpenChat, possibly (7) MAXdev MD-Pro, and (8) Simplog, allows remote attackers to execute arbitrary PHP functions via the do parameter, which is saved in a variable that is then executed as a function, as demonstrated using phpinfo.

Reference

http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html
http://retrogod.altervista.org/simplog_092_incl_xpl.html
http://secunia.com/advisories/17418
http://secunia.com/advisories/18233
http://secunia.com/advisories/18254
http://secunia.com/advisories/18260
http://secunia.com/advisories/18267
http://secunia.com/advisories/18276
http://secunia.com/advisories/19555
http://secunia.com/advisories/19590
http://secunia.com/advisories/19591
http://secunia.com/advisories/19600
http://secunia.com/advisories/19628
http://secunia.com/advisories/19691
http://secunia.com/secunia_research/2005-64/advisory/
http://www.debian.org/security/2006/dsa-1029
http://www.debian.org/security/2006/dsa-1030
http://www.debian.org/security/2006/dsa-1031
http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml
http://www.osvdb.org/22291
http://www.securityfocus.com/archive/1/430448/100/0/threaded
http://www.securityfocus.com/archive/1/430743/100/0/threaded
http://www.vupen.com/english/advisories/2006/0101
http://www.vupen.com/english/advisories/2006/0102
http://www.vupen.com/english/advisories/2006/0103
http://www.vupen.com/english/advisories/2006/0104
http://www.vupen.com/english/advisories/2006/1305
http://www.vupen.com/english/advisories/2006/1332
https://exchange.xforce.ibmcloud.com/vulnerabilities/24052
https://www.exploit-db.com/exploits/1663

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

19-10-2018 - 15:42

Objavljeno

09-01-2006 - 23:03