CVE-2005-2498

NameCVE-2005-2498
DescriptionEval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR XML-RPC for PHP), as used in multiple products including (1) Drupal, (2) phpAdsNew, (3) phpPgAds, and (4) phpgroupware, allows remote attackers to execute arbitrary PHP code via certain nested XML tags in a PHP document that should not be nested, which are injected into an eval function call, a different vulnerability than CVE-2005-1921.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-789-1, DSA-798-1, DSA-840-1, DSA-842-1, DTSA-15-1
NVD severitymedium (attack range: remote)
Debian Bugs323347, 323349, 323350, 323366

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
php5 (PTS)wheezy5.4.45-0+deb7u2fixed
wheezy (security)5.4.45-0+deb7u11fixed
jessie (security), jessie5.6.30+dfsg-0+deb8u1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
drupalsource(unstable)4.5.5-1high323347
drupalsourcesarge4.5.3-4mediumDSA-840-1
egroupwaresource(unstable)1.0.0.009.dfsg-1high323350
egroupwaresourcesarge1.0.0.007-2.dfsg-2sarge2mediumDSA-842-1
php4source(unstable)4:4.3.10-16high323366
php4sourceetch4:4.3.10-16etch1mediumDTSA-15-1
php4sourcesarge4:4.3.10-16highDSA-789-1
php4sourcewoody4:4.1.2-7.woody5highDSA-789-1
php5source(unstable)5.0.5-1high
phpgroupwaresource(unstable)0.9.16.008-1high323349
phpgroupwaresourcesarge0.9.16.005-3.sarge2highDSA-798-1
phpgroupwaresourcewoody(not affected)DSA-798-1
phpwikisource(unstable)(unfixed)unimportant

Notes

phpwiki has disabled the XMLRPC in the last upload, it orphaned as well, should be fixed anyway

Search for package or bug name: Reporting problems