[VIM] provable vendor ACK for PHPX SQL injection
Steven M. Christey
coley at mitre.org
Sun Dec 4 17:29:20 EST 2005
Re: CVE-2005-3968
Vendor has a vague ACK at:
http://www.phpx.org/news.php?news_id=139
A patch is provided.
A diff between auth.inc.php in 3.5.9 versus the patch shows a new
check that $username is alphanumeric.
- Steve
======================================================
Name: CVE-2005-3968
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3968
Reference: BUGTRAQ:20051130 PhpX <= 3.5.9 SQL Injection -> login bypass -> remote command/code execution
Reference: URL:http://www.securityfocus.com/archive/1/archive/1/418253/100/0/threaded
Reference: MISC:http://rgod.altervista.org/phpx_359_xpl.html
Reference: CONFIRM:http://www.phpx.org/news.php?news_id=139
Reference: BID:15680
Reference: URL:http://www.securityfocus.com/bid/15680
Reference: FRSIRT:ADV-2005-2696
Reference: URL:http://www.frsirt.com/english/advisories/2005/2696
Reference: SECTRACK:1015300
Reference: URL:http://securitytracker.com/id?1015300
Reference: SECUNIA:17858
Reference: URL:http://secunia.com/advisories/17858
SQL injection vulnerability in auth.inc.php in PHPX 3.5.9 and earlier
allows remote attackers to execute arbitrary SQL commands, bypass
authentication, and upload arbitrary PHP code via the username
parameter.
More information about the VIM
mailing list