Exploit for Vulnerability in XML-RPC
July 6, 2005
US-CERT is aware of a working public exploit for a vulnerability in a common PHP extension module (XML-RPC) that could allow a remote attacker to execute code of their choosing on a vulnerable system. Any application, typically web-based, that uses a flawed XML-RPC PHP implementation is vulnerable to exploitation. XML-RPC allows software to make procedure calls over the Internet, typically using HTTP and XML.
A remote attacker could exploit the XML-RPC vulnerability to execute PHP code of their choosing. The code would be executed in the context of the server program that runs the corresponding web-based application. More information about this vulnerability can be found in the following US-CERT Vulnerability Note:
VU#442845 - Multiple PHP XML-RPC implementations vulnerable to code injection: http://www.kb.cert.org/vuls/id/442845
US-CERT encourages administrators to apply the appropriate updates, patches, or fixes as soon as possible. If upgrading is not feasible or convenient at this time, then administrators should consider disabling the affected XML-RPC libraries.
- www.us-cert.gov