Description
Eval injection vulnerability in PEAR XML_RPC 1.3.0 and earlier (aka XML-RPC or xmlrpc) and PHPXMLRPC (aka XML-RPC For PHP or php-xmlrpc) 1.1 and earlier, as used in products such as (1) WordPress, (2) Serendipity, (3) Drupal, (4) egroupware, (5) MailWatch, (6) TikiWiki, (7) phpWebSite, (8) Ampache, and others, allows remote attackers to execute arbitrary PHP code via an XML file, which is not properly sanitized before being used in an eval statement.
Product(s):
- Drupal
- Drupal 4.0.0
- Drupal 4.1.0
- Drupal 4.2.0
- Drupal 4.3.0
- Drupal 4.3.1
- Drupal 4.3.2
- Drupal 4.4.0
- Drupal 4.4.1
- Drupal 4.4.2
- Drupal 4.4.3
- Drupal 4.5.0
- Drupal 4.5.1
- Drupal 4.5.2
- Drupal 4.5.3
- Drupal 4.6.0
- Drupal 4.6.1
- GGGeek phpxmlrpc
- Gggeek Phpxmlrpc -
- PHP XML_RPC for PEAR
- PHP XML_RPC 1.0.2 for Pear
- PHP XML_RPC 1.0.3 for Pear
- PHP XML_RPC 1.0.4 for Pear
- PHP XML_RPC 1.1.0 for Pear
- PHP XML_RPC 1.2.0 for Pear
- PHP XML_RPC 1.2.0 Release Candidate 1 for Pear
- PHP XML_RPC 1.2.0 Release Candidate 2 for Pear
- PHP XML_RPC 1.2.0 Release Candidate 3 for Pear
- PHP XML_RPC 1.2.0 Release Candidate 4 for Pear
- PHP XML_RPC 1.2.0 Release Candidate 5 for Pear
- PHP XML_RPC 1.2.0 Release Candidate 6 for Pear
- PHP XML_RPC 1.2.0 Release Candidate 7 for Pear
- PHP XML_RPC 1.2.1 for Pear
- PHP XML_RPC 1.2.2 for Pear
- PHP XML_RPC 1.3.0 for Pear
- PHP XML_RPC 1.3.0 Release Candidate 1 for Pear
- PHP XML_RPC 1.3.0 Release Candidate 2 for Pear
- PHP XML_RPC 1.3.0 Release Candidate 3 for Pear
- Tiki Wiki CMS/Groupware
- Tiki Tikiwiki CMS/Groupware 1.6.1
- Tiki Tikiwiki CMS/Groupware 1.8.1 (Polaris)
- Debian Debian Linux 3.1
- Debian Linux 3.1 Alpha Edition
- Debian Linux 3.1 AMD64 Edition
- Debian Linux 3.1 ARM Edition
- Debian Linux 3.1 HPPA Edition
- Debian Linux 3.1 IA-32 Edition
- Debian Linux 3.1 IA-64 Edition
- Debian Linux 3.1 M68K Edition
- Debian Linux 3.1 MIPS Edition
- Debian Linux 3.1 MIPSEL Edition
- Debian Linux 3.1 PPC Edition
- Debian Linux 3.1 S-390 Edition
- Debian Linux 3.1 Sparc Edition
Question to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-2005-1921, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2005-1921 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.