Signature Detail

Short Name	HTTP:PHP:PHP-XML-CMD
Severity	High
Recommended	No
Recommended Action	Drop
Category	HTTP
Keywords	PHP XML Command Execution
Release Date	2005/07/07
Update Number	1213
Supported Platforms	idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: PHP XML Command Execution

This signature detects attempts to exploit a known vulnerability against an XML transmission. Attackers can craft a malicious command injection that can lead to arbitrary code execution within the context of the Web server. Multiple Content Management Systems using PHP might be vulnerable to this family of attacks.

Extended Description

XML-RPC for PHP is affected by a remote code-injection vulnerability. An attacker may exploit this issue to execute arbitrary commands or code in the context of the webserver. This may facilitate various attacks, including unauthorized remote access. XML-RPC for PHP 1.1 and prior versions are affected by this issue. Other applications using this library are also affected.

Affected Products

Ampache 3.2.0
Ampache 3.2.1
Ampache 3.2.2
Ampache 3.2.3
Ampache 3.2.4
Ampache 3.3.0
Ampache 3.3.1
b2evolution 0.8.2
b2evolution 0.8.2 .2
b2evolution 0.8.6
b2evolution 0.8.6 .1
b2evolution 0.8.6 .2
b2evolution 0.8.7
b2evolution 0.8.9
b2evolution 0.9.0 .0.03
b2evolution 0.9.0 .0.05
b2evolution 0.9.0 .0.08
b2evolution 0.9.0 .0.09
b2evolution 0.9.0 .0.10
b2evolution 0.9.0 .0.11
b2evolution 0.9.0 .0.12
BLOG:CMS 3.6.2
BLOG:CMS 3.6.4
CivicSpace Labs CivicSpace 0.7.2
CivicSpace Labs CivicSpace 0.8.0 .0.2
CivicSpace Labs CivicSpace 0.8.0 .0.3
CivicSpace Labs CivicSpace 0.8.0 .0.4
CivicSpace Labs CivicSpace 0.8.0 .0.5
CivicSpace Labs CivicSpace 0.8.1
Conectiva Linux 10.0.0
Conectiva Linux 9.0.0
Debian Linux 3.0.0
Debian Linux 3.0.0 Alpha
Debian Linux 3.0.0 Arm
Debian Linux 3.0.0 Hppa
Debian Linux 3.0.0 Ia-32
Debian Linux 3.0.0 Ia-64
Debian Linux 3.0.0 M68k
Debian Linux 3.0.0 Mips
Debian Linux 3.0.0 Mipsel
Debian Linux 3.0.0 Ppc
Debian Linux 3.0.0 S/390
Debian Linux 3.0.0 Sparc
Drupal 4.5.0
Drupal 4.5.1
Drupal 4.5.2
Drupal 4.5.3
Drupal 4.6.0
Drupal 4.6.1
eGroupWare 1.0.0 .0.007
eGroupWare 1.0.1
eGroupWare 1.0.3
eGroupWare 1.0.6
FreeMed Software FreeMed 0.8.0 .0
FreeMed Software FreeMed 0.8.1
HP Tru64 5.1.0 A PK6
HP Tru64 5.1.0 B-2 PK4
HP Tru64 5.1.0 B-3
MailWatch for MailScanner 0.4.0
MailWatch for MailScanner 0.5.0
MailWatch for MailScanner 0.5.1
MailWatch for MailScanner 1.0.0
Mandriva Corporate Server 3.0.0
Mandriva Corporate Server 3.0.0 X86 64
Mandriva Linux Mandrake 10.0.0
Mandriva Linux Mandrake 10.0.0 amd64
Mandriva Linux Mandrake 10.1.0
Mandriva Linux Mandrake 10.1.0 X86 64
Mandriva Linux Mandrake 10.2.0
Mandriva Linux Mandrake 10.2.0 X86 64
MAXdev MD-Pro 1.0.72
MySQL AB Eventum 1.5.4
Nucleus CMS 3.0.0
Nucleus CMS 3.0.0 1
Nucleus CMS 3.0.0 RC
Nucleus CMS 3.1.0
Nucleus CMS 3.2.0
PEAR XML_RPC 1.3.0
PEAR XML_RPC 1.3.0 RC1
PEAR XML_RPC 1.3.0 RC2
PEAR XML_RPC 1.3.0 RC3
PHP 4.0.0 0
PHP 4.0.1
PHP 4.0.1 Pl1
PHP 4.0.1 Pl2
PHP 4.0.2
PHP 4.0.3
PHP 4.0.3 Pl1
PHP 4.0.4
PHP 4.0.5
PHP 4.0.6
PHP 4.0.7
PHP 4.0.7 RC1
PHP 4.0.7 RC2
PHP 4.0.7 RC3
PHP 4.1.0 .0
PHP 4.1.1
PHP 4.1.2
PHP 4.2.0 .0
PHP 4.2.0 -Dev
PHP 4.2.1
PHP 4.2.2
PHP 4.2.3
PHP 4.3.0
PHP 4.3.1
PHP 4.3.10
PHP 4.3.11
PHP 4.3.2
PHP 4.3.3
PHP 4.3.4
PHP 4.3.5
PHP 4.3.6
PHP 4.3.7
PHP 4.3.8
PHP 4.3.9
phpAdsNew 2.0.0 beta 5
phpAdsNew 2.0.0 beta 6
phpAdsNew 2.0.4 -pr1
phpAdsNew 2.0.4 -Pr2
phpAdsNew 2 dev 09102001
phpAdsNew 2 dev 30092001
PHPGroupWare 0.9.12
PHPGroupWare 0.9.13
PHPGroupWare 0.9.14
PHPGroupWare 0.9.14 .001
PHPGroupWare 0.9.14 .002
PHPGroupWare 0.9.14 .003
PHPGroupWare 0.9.14 .004
PHPGroupWare 0.9.14 .005
PHPGroupWare 0.9.14 .006
PHPGroupWare 0.9.14 .007
PHPGroupWare 0.9.16 .000
PHPGroupWare 0.9.16 .002
PHPGroupWare 0.9.16 .003
PHPGroupWare 0.9.16 .005
PHPGroupWare 0.9.16 .006
PHPGroupWare 0.9.16 RC1
PHPGroupWare 0.9.16 RC2
PHPGroupWare 0.9.16 RC3
phpMyFAQ 1.4.0
phpMyFAQ 1.4.0 A
phpMyFAQ 1.4.0 -Alpha 1
phpMyFAQ 1.4.0 -Alpha 2
phpMyFAQ 1.4.1
phpMyFAQ 1.4.2
phpMyFAQ 1.4.3
phpMyFAQ 1.4.4
phpMyFAQ 1.4.5
phpMyFAQ 1.4.6
phpMyFAQ 1.4.7
phpMyFAQ 1.4.8
phpMyFAQ 1.5.0 Alpha1
phpMyFAQ 1.5.0 Alpha2
phpMyFAQ 1.5.0 Beta1
phpMyFAQ 1.5.0 Beta2
phpMyFAQ 1.5.0 Beta3
phpMyFAQ 1.5.0 RC1
phpMyFAQ 1.5.0 RC2
phpMyFAQ 1.5.0 RC3
phpMyFAQ 1.5.0 RC4
phpPgAds 2.0.0
phpPgAds 2.0.6
phpWebsite 0.10.0
phpWebsite 0.10.1
phpWebsite 0.9.3
phpWebsite 0.9.3 -1
phpWebsite 0.9.3 -2
phpWebsite 0.9.3 -3
phpWebsite 0.9.3 -4
PHP-Wiki 1.2.0
PHP-Wiki 1.2.1
PHP-Wiki 1.2.2
PHP-Wiki 1.3.1
PHP-Wiki 1.3.10
PHP-Wiki 1.3.11 Rc2
PHP-Wiki 1.3.11 Rc3
PHP-Wiki 1.3.2
PHP-Wiki 1.3.3
PHP-Wiki 1.3.9
PostNuke 0.75.0
PostNuke 0.76.0 RC4
PostNuke 0.76.0 RC4a
PostNuke 0.76.0 RC4b
Red Hat Desktop 3.0.0
Red Hat Desktop 4.0.0
Red Hat Enterprise Linux AS 3
Red Hat Enterprise Linux AS 4
Red Hat Enterprise Linux ES 3
Red Hat Enterprise Linux ES 4
Red Hat Enterprise Linux WS 3
Red Hat Enterprise Linux WS 4
Red Hat Fedora Core1
Red Hat Fedora Core2
Red Hat Fedora Core3
Red Hat Fedora Core4
S9Y Serendipity 0.8.0
S9Y Serendipity 0.8.0 -Beta5
S9Y Serendipity 0.8.0 -Beta6
S9Y Serendipity 0.8.0 -Beta6 Snapshot
S9Y Serendipity 0.8.1
Seagull PHP Framework 0.4.0
Seagull PHP Framework 0.4.0 Dev1
Seagull PHP Framework 0.4.0 Dev2
Seagull PHP Framework 0.4.0 Dev3
Seagull PHP Framework 0.4.1
Seagull PHP Framework 0.4.2
Seagull PHP Framework 0.4.3
SGI ProPack 3.0.0 SP6
SuSE Linux Desktop 1.0.0
SuSE Linux Personal 8.2.0
SuSE Linux Personal 9.0.0
SuSE Linux Personal 9.0.0 X86 64
SuSE Linux Personal 9.1.0
SuSE Linux Personal 9.1.0 X86 64
SuSE Linux Personal 9.2.0
SuSE Linux Personal 9.2.0 X86 64
SuSE Linux Personal 9.3.0
SuSE Linux Personal 9.3.0 X86 64
SuSE Linux Professional 8.2.0
SuSE Linux Professional 9.0.0
SuSE Linux Professional 9.0.0 X86 64
SuSE Linux Professional 9.1.0
SuSE Linux Professional 9.1.0 X86 64
SuSE Linux Professional 9.2.0
SuSE Linux Professional 9.2.0 X86 64
SuSE Linux Professional 9.3.0
SuSE Linux Professional 9.3.0 X86 64
SuSE Novell Linux Desktop 9.0.0
SuSE Open-Enterprise-Server 9.0.0
SuSE SUSE Linux Enterprise Server 8
SuSE SUSE Linux Enterprise Server 9
SuSE SuSE Linux Openexchange Server 4.0.0
SuSE SUSE LINUX Retail Solution 8.0.0
SuSE SuSE Linux School Server for i386
SuSE SuSE Linux Standard Server 8.0.0
TikiWiki Project TikiWiki 1.6.1
TikiWiki Project TikiWiki 1.7.1 .1
TikiWiki Project TikiWiki 1.7.2
TikiWiki Project TikiWiki 1.7.3
TikiWiki Project TikiWiki 1.7.4
TikiWiki Project TikiWiki 1.7.5
TikiWiki Project TikiWiki 1.7.6
TikiWiki Project TikiWiki 1.7.7
TikiWiki Project TikiWiki 1.7.8
TikiWiki Project TikiWiki 1.7.9
TikiWiki Project TikiWiki 1.8.0
TikiWiki Project TikiWiki 1.8.1
TikiWiki Project TikiWiki 1.8.2
TikiWiki Project TikiWiki 1.8.3
TikiWiki Project TikiWiki 1.8.4
Trustix Secure Enterprise Linux 2.0.0
Trustix Secure Linux 2.1.0
Trustix Secure Linux 2.2.0
Trustix Secure Linux 3.0.0
Ubuntu Ubuntu Linux 4.1.0 Ia32
Ubuntu Ubuntu Linux 4.1.0 Ia64
Ubuntu Ubuntu Linux 4.1.0 Ppc
Ubuntu Ubuntu Linux 5.0.0 4 Amd64
Ubuntu Ubuntu Linux 5.0.0 4 I386
Ubuntu Ubuntu Linux 5.0.0 4 Powerpc
WordPress 0.7.0
WordPress 0.71.0
WordPress 1.2.0
WordPress 1.2.1
WordPress 1.2.2
WordPress 1.5.0
WordPress 1.5.1
WordPress 1.5.1 .2
XML-RPC for PHP 1.0.0
XML-RPC for PHP 1.0.0 1
XML-RPC for PHP 1.0.0 2
XML-RPC for PHP 1.0.99
XML-RPC for PHP 1.0.99 .2
XML-RPC for PHP 1.1.0
Xoops 2.0.0
Xoops 2.0.1
Xoops 2.0.10
Xoops 2.0.11
Xoops 2.0.12
Xoops 2.0.2
Xoops 2.0.3
Xoops 2.0.5
Xoops 2.0.5 .1
Xoops 2.0.5 .2
Xoops 2.0.9 .2
Xoops 2.0.9 .3

References

BugTraq: 14088
CVE: CVE-2005-1921
URL: http://www.gulftech.org/?node=research&article_id=00088-07022005

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: PHP XML Command Execution

Extended Description

Affected Products

References