Remote Code Injection via xml rpc (third party library used in MD-Pro CMS)
Support and security / Security
Posted by TiMax on June 29, 2005 - 06:44 PM
Thanks to Andreas Krapohl [larsneo] of the Postnuke Dev team, we were notified about a security issue within the current MD-Pro and the xmlrpc library.

VULNERABILITIES
- remote code injection via xml rpc library

SOLUTION
It is recommended that all admins deactivate and remove the 'xmlrpc' module within administration-modules and additionally remove /xmlrpc.php and the /modules/xmlrpc folder completely from the filesystem.

We highly recommend *not* using the xml rpc library until the maintainers [1] provide a secure solution. Once an updated version is available, a modularized version will be provided for download as an additional module.

CREDITS
The exploit was originally found by James from GulfTech Security Research [1] and was reported via security contact. Additionally, the maintainers of the xml rpc library were contacted.

[1] phpxmlrpc.sourceforge.net [2]
This story comes from MAXdev
http://www.maxdev.com/
The URL for this story is:
http://www.maxdev.com/modules.php?op=modload&name=News&file=article&sid=492
Links in this article
[1] http://www.gulftech.org/
[2] http://phpxmlrpc.sourceforge.net/
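To confirm that the removal described under SOLUTION is complete on every install, the following shell check reports any document root that still contains /xmlrpc.php or /modules/xmlrpc. It is an added example, not code from MAXdev or the MD-Pro project; the function names are hypothetical, and it only inspects the filesystem, not the module state in the administration panel.

```shell
#!/bin/sh
# Added example (not MD-Pro code): verify the advisory's removal steps.
# The two relative paths below are the ones the advisory says to delete.

# check_docroot DIR
# Prints one "LEFTOVER <path>" line per remaining item.
# Returns 0 if the docroot is clean, 1 if anything is left.
check_docroot() {
    root=$1
    found=0
    for rel in xmlrpc.php modules/xmlrpc; do
        # -e follows symlinks; -L also catches a dangling symlink left behind.
        if [ -e "$root/$rel" ] || [ -L "$root/$rel" ]; then
            printf 'LEFTOVER %s\n' "$root/$rel"
            found=1
        fi
    done
    return "$found"
}

# audit_docroots DIR...
# Checks every docroot given, prints a summary line,
# and returns 1 if at least one docroot still has leftovers.
audit_docroots() {
    affected=0
    total=0
    for d in "$@"; do
        total=$((total + 1))
        if ! check_docroot "$d"; then
            affected=$((affected + 1))
        fi
    done
    printf '%s of %s docroot(s) still contain xmlrpc files\n' "$affected" "$total"
    [ "$affected" -eq 0 ]
}

# Stand-alone use: pass one or more MD-Pro document roots as arguments.
if [ "$#" -gt 0 ]; then
    audit_docroots "$@"
fi
```

A non-zero exit status means at least one listed path must still be deleted.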