Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score 7.5
CVE Id CVE-2006-0147
Last Modified 30 Aug 2013 12:52:39
Published 09 Jan 2006 06:03:00
Confidentiality Impact PARTIAL
Integrity Impact PARTIAL
Availability Impact PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0147

Summary

Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PhpOpenChat, possibly (7) MAXdev MD-Pro, and (8) Simplog, allows remote attackers to execute arbitrary PHP functions via the do parameter, which is saved in a variable that is then executed as a function, as demonstrated using phpinfo.

Vulnerable Systems

Application

  • John Lim Adodb 4.66

  • John Lim Adodb 4.68

  • Mantis 0.19.4

  • Mantis 1.0.0 Rc4

  • Moodle 1.5.3

  • Postnuke Software Foundation Postnuke 0.761

  • The Cacti Group Cacti 0.8.6g


References

OSVDB - 22291

GENTOO - GLSA-200604-07

DEBIAN - DSA-1030

DEBIAN - DSA-1029

MISC - http://secunia.com/secunia_research/2005-64/advisory/

SECUNIA - 19628

SECUNIA - 19591

SECUNIA - 19590

SECUNIA - 19555

SECUNIA - 18276

SECUNIA - 18260

SECUNIA - 18254

SECUNIA - 18233

SECUNIA - 17418

VUPEN - ADV-2006-1332

VUPEN - ADV-2006-1305

VUPEN - ADV-2006-0104

VUPEN - ADV-2006-0103

VUPEN - ADV-2006-0102

VUPEN - ADV-2006-0101

BUGTRAQ - 20060412 Simplog <=0.9.2 multiple vulnerabilities

BUGTRAQ - 20060409 PhpOpenChat 3.0.x ADODB Server.php "sql" SQL injection

DEBIAN - DSA-1031

SECUNIA - 19600

SECUNIA - 18267

MISC - http://retrogod.altervista.org/simplog_092_incl_xpl.html

MISC - http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html

MILW0RM - 1663

XF - adodb-tmssql-command-execution(24052)

SECUNIA - 19691


Last Updated: 27 May 2016 10:41:32