lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Wed, 29 Jun 2005 18:14:24 -0500
From: GulfTech Security Research <security@...ftech.org>
To: Christopher Kunz <christopher.kunz@...dened-php.net>,
	BugTraq <bugtraq@...urityfocus.com>
Subject: Re: Advisory 02/2005: Remote code execution in Serendipity


"[2] that leads to remote code execution. Unfortunately, this vulner-
   ability also exists in the PEAR XMLRPC implementation, and GulfTech 
somewhat
   neglected to notify the vendors in question."

This is a very unfair statement as I did my best to hunt down everyone 
using the vulnerable libraries. Both the PEAR guys and the PHPXMLRPC 
guys were contacted several days ago, and I also took the time to 
personally  contact everyone I could find using the vulnerable XMLRPC 
libraries. I think it would be impossible for anyone to hunt down every 
application using these libraries.

In regards to the vulnerabilities: No technical details will be released 
by GulfTech until both libraries are updated because the holes are 
identical and it would cause more harm than good. Anyone using either 
vulnerable library should visit the official website pertaining to the 
library and download any updated version. Again, technical details of 
the vulnerabilities in these two libraries will be released in the future.

James

Christopher Kunz wrote:

>                         Hardened PHP Project
>                         www.hardened-php.net
>
>
>                       -= Security  Advisory =-
>
>
>      Advisory: Remote code execution in Serendipity
>  Release Date: 2005/06/29
> Last Modified: 2005/06/29
>        Author: Christopher Kunz <christopher.kunz@...dened-php.net>
>   Application: Serendipity <= 0.8.2
>      Severity: Arbitrary remote code execution
>          Risk: Very High
> Vendor Status: Vendor has released an updated version
>    References: http://www.hardened-php.net/advisory-022005.php
>
>
> Overview:
>
>    Quote from http://www.s9y.org/:
>    "Serendipity is a weblog/blog system, implemented with PHP. It is 
> standards
>    compliant, feature rich and open source (BSD License). Serendipity is
>    constantly under active development, with a team of talented 
> developers
>    trying to make the best PHP powered blog on the net."
>
>
> Details:
>
>
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ