phpMyFAQ Security Advisory

Execution of arbitrary PHP code in phpMyFAQ version 1.4 and 1.5

Issued on:
2005-06-29
Software:
phpMyFAQ version 1.4 and 1.5
Risk:
high
Platforms:
all

The phpMyFAQ Team has learned of a serious security issue that has been discovered in our bundled library XML-RPC we use in phpMyFAQ 1.4 and 1.5.

Description

The vulnerability is caused due to an unspecified error, which can be exploited to execute arbitrary PHP code via an application using the vulnerable library.

Impact

This issue allows for possible remote code execution.

Solution

The phpMyFAQ Team has released a new phpMyFAQ version 1.4.9 and 1.5.0 RC5, which incorporate a fixed bundled library XML-RPC. All users of affected phpMyFAQ versions are encouraged to upgrade as soon as possible to this latest version.

Workaround

As a temporary hotfix you can delete your xmlrpcs.php and xmlrpcs.php file in the directory inc/so that your FAQ will not easily allow execution of maliclius XML-RPC method calls.

Credits

Please read this advisory, too.