ID

VAR-200807-0061


CVE

CVE-2008-1589


TITLE

Multiple PHP XML-RPC implementations vulnerable to code injection

Trust: 0.8

sources: CERT/CC: VU#442845

DESCRIPTION

Safari on Apple iPhone before 2.0 and iPod touch before 2.0 misinterprets a menu button press as user confirmation for visiting a web site with a (1) self-signed or (2) invalid certificate, which makes it easier for remote attackers to spoof web sites. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. Safari is a web browser provided by Apple. Safari installed in iPod touch and iPhone accepts a self-signed or invalid server cerficate without the user's explicit concent when connecting via SSL/TLS. According to Apple, "When Safari accesses a website that uses a self-signed or invalid certificate, it prompts the user to accept or reject the certificate. If the user presses the menu button while at the prompt, then on the next visit to the site, the certificate is accepted with no prompt." Hiromitsu Takagi reported this vulnerability to IPA. JPCERT/CC coordinated with the vendor under Information Security Early Warning Partnership.This vulnerability could be exploited to conduct a man-in-the-middle attack. As a result, this may lead to the disclosure of sensitive information. Apple iPhone and iPod touch are prone to multiple remote vulnerabilities: 1. A vulnerability that may allow users to spoof websites. 2. An information-disclosure vulnerability. 3. A buffer-overflow vulnerability. 4. Two memory-corruption vulnerabilities. Successfully exploiting these issues may allow attackers to execute arbitrary code, crash the affected application, obtain sensitive information, or direct unsuspecting victims to a spoofed site; other attacks are also possible. These issues affect iPhone 1.0 through 1.1.4 and iPod touch 1.1 through 1.1.4. ---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/ ---------------------------------------------------------------------- TITLE: phpPgAds XML-RPC PHP Code Execution Vulnerability SECUNIA ADVISORY ID: SA15884 VERIFY ADVISORY: http://secunia.com/advisories/15884/ CRITICAL: Highly critical IMPACT: System access WHERE: >From remote SOFTWARE: phpPgAds 2.x http://secunia.com/product/4577/ DESCRIPTION: A vulnerability has been reported in phpPgAds, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA15852 SOLUTION: Update to version 2.0.5. http://sourceforge.net/project/showfiles.php?group_id=36679 OTHER REFERENCES: SA15852: http://secunia.com/advisories/15852/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.79

sources: NVD: CVE-2008-1589 // CERT/CC: VU#442845 // JVNDB: JVNDB-2008-000039 // BID: 30186 // VULHUB: VHN-31714 // PACKETSTORM: 38390

AFFECTED PRODUCTS

vendor:applemodel:safariscope:eqversion:*

Trust: 1.0

vendor:applemodel:ipod touchscope:eqversion:1.1.1

Trust: 0.9

vendor:applemodel:ipod touchscope:eqversion:1.1

Trust: 0.9

vendor:applemodel:iphonescope:eqversion:1.1.4

Trust: 0.9

vendor:applemodel:iphonescope:eqversion:1.1.3

Trust: 0.9

vendor:applemodel:iphonescope:eqversion:1.1.2

Trust: 0.9

vendor:applemodel:iphonescope:eqversion:1.1.1

Trust: 0.9

vendor:applemodel:iphonescope:eqversion:1.0.2

Trust: 0.9

vendor:applemodel:iphonescope:eqversion:1.0.1

Trust: 0.9

vendor:drupalmodel: - scope: - version: -

Trust: 0.8

vendor:gentoo linuxmodel: - scope: - version: -

Trust: 0.8

vendor:mandrivamodel: - scope: - version: -

Trust: 0.8

vendor:pear xml rpcmodel: - scope: - version: -

Trust: 0.8

vendor:phpxmlrpcmodel: - scope: - version: -

Trust: 0.8

vendor:postnukemodel: - scope: - version: -

Trust: 0.8

vendor:red hatmodel: - scope: - version: -

Trust: 0.8

vendor:serendipitymodel: - scope: - version: -

Trust: 0.8

vendor:trustix secure linuxmodel: - scope: - version: -

Trust: 0.8

vendor:ubuntu linuxmodel: - scope: - version: -

Trust: 0.8

vendor:wordpressmodel: - scope: - version: -

Trust: 0.8

vendor:xoopsmodel: - scope: - version: -

Trust: 0.8

vendor:phpmyfaqmodel: - scope: - version: -

Trust: 0.8

vendor:applemodel:iphonescope:eqversion:v1.0 to v1.1.4

Trust: 0.8

vendor:applemodel:ipod touchscope:eqversion:v1.1 to v1.1.4

Trust: 0.8

vendor:applemodel:iphonescope:eqversion:1.0

Trust: 0.6

vendor:applemodel:iphonescope:eqversion:1.02

Trust: 0.6

vendor:applemodel:safari for windowsscope:eqversion:3.2.3

Trust: 0.3

vendor:applemodel:safariscope:eqversion:3.2.3

Trust: 0.3

vendor:applemodel:safari for windowsscope:eqversion:3.2.2

Trust: 0.3

vendor:applemodel:safari for windowsscope:eqversion:3.1.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:3.1.2

Trust: 0.3

vendor:applemodel:safari for windowsscope:eqversion:3.1.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:3.1.1

Trust: 0.3

vendor:applemodel:safari beta for windowsscope:eqversion:3.0.4

Trust: 0.3

vendor:applemodel:safari beta for windowsscope:eqversion:3.0.3

Trust: 0.3

vendor:applemodel:safari betascope:eqversion:3.0.3

Trust: 0.3

vendor:applemodel:safari beta for windowsscope:eqversion:3.0.2

Trust: 0.3

vendor:applemodel:safari betascope:eqversion:3.0.2

Trust: 0.3

vendor:applemodel:safari beta for windowsscope:eqversion:3.0.1

Trust: 0.3

vendor:applemodel:safari betascope:eqversion:3.0.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:2.0.4

Trust: 0.3

vendor:applemodel:safariscope:eqversion:2.0.3

Trust: 0.3

vendor:applemodel:safariscope:eqversion:2.0.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:2.0.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:1.3.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:1.3.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:1.3

Trust: 0.3

vendor:applemodel:safariscope:eqversion:1.2.3

Trust: 0.3

vendor:applemodel:safariscope:eqversion:1.2.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:1.2.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:1.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:1.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:1.0

Trust: 0.3

vendor:applemodel:safari betascope:eqversion:4

Trust: 0.3

vendor:applemodel:safariscope:eqversion:3.2

Trust: 0.3

vendor:applemodel:safari for windowsscope:eqversion:3.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:3.1

Trust: 0.3

vendor:applemodel:safari beta for windowsscope:eqversion:3

Trust: 0.3

vendor:applemodel:safari betascope:eqversion:3

Trust: 0.3

vendor:applemodel:safariscope:eqversion:3

Trust: 0.3

vendor:applemodel:ipod touchscope:eqversion:1.1.4

Trust: 0.3

vendor:applemodel:ipod touchscope:eqversion:1.1.3

Trust: 0.3

vendor:applemodel:ipod touchscope:eqversion:1.1.2

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:1.1

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:1

Trust: 0.3

vendor:applemodel:safari for windowsscope:neversion:4

Trust: 0.3

vendor:applemodel:safariscope:neversion:4

Trust: 0.3

vendor:applemodel:ipod touchscope:neversion:2.0

Trust: 0.3

vendor:applemodel:iphonescope:neversion:2.0

Trust: 0.3

sources: CERT/CC: VU#442845 // BID: 30186 // JVNDB: JVNDB-2008-000039 // CNNVD: CNNVD-200807-212 // NVD: CVE-2008-1589

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2008-1589
value: MEDIUM

Trust: 1.0

CARNEGIE MELLON: VU#442845
value: 20.75

Trust: 0.8

IPA: JVNDB-2008-000039
value: LOW

Trust: 0.8

CNNVD: CNNVD-200807-212
value: MEDIUM

Trust: 0.6

VULHUB: VHN-31714
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2008-1589
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

IPA: JVNDB-2008-000039
severity: LOW
baseScore: 2.6
vectorString: AV:N/AC:H/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-31714
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#442845 // VULHUB: VHN-31714 // JVNDB: JVNDB-2008-000039 // CNNVD: CNNVD-200807-212 // NVD: CVE-2008-1589

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-31714 // JVNDB: JVNDB-2008-000039 // NVD: CVE-2008-1589

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200807-212

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-200807-212

CONFIGURATIONS

sources: JVNDB: JVNDB-2008-000039

PATCH

title:iPhone v2.0 and iPod touch v2.0url:http://support.apple.com/kb/HT2351

Trust: 0.8

title: Apple security updatesurl:http://support.apple.com/kb/HT1222

Trust: 0.8

title:Apple iPhone Repair measures for information disclosure vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=156711

Trust: 0.6

sources: JVNDB: JVNDB-2008-000039 // CNNVD: CNNVD-200807-212

EXTERNAL IDS

db:NVDid:CVE-2008-1589

Trust: 2.8

db:JVNDBid:JVNDB-2008-000039

Trust: 2.5

db:JVNid:JVN88676089

Trust: 2.5

db:BIDid:30186

Trust: 2.0

db:SECUNIAid:31074

Trust: 1.7

db:VUPENid:ADV-2008-2094

Trust: 1.7

db:SECUNIAid:15884

Trust: 0.9

db:SECUNIAid:15810

Trust: 0.8

db:SECUNIAid:15922

Trust: 0.8

db:SECUNIAid:15852

Trust: 0.8

db:SECUNIAid:15855

Trust: 0.8

db:SECUNIAid:15861

Trust: 0.8

db:SECUNIAid:15862

Trust: 0.8

db:SECUNIAid:15872

Trust: 0.8

db:SECUNIAid:15883

Trust: 0.8

db:SECUNIAid:15895

Trust: 0.8

db:BIDid:14088

Trust: 0.8

db:SECTRACKid:1014327

Trust: 0.8

db:CERT/CCid:VU#442845

Trust: 0.8

db:CNNVDid:CNNVD-200807-212

Trust: 0.7

db:VULHUBid:VHN-31714

Trust: 0.1

db:PACKETSTORMid:38390

Trust: 0.1

sources: CERT/CC: VU#442845 // VULHUB: VHN-31714 // BID: 30186 // JVNDB: JVNDB-2008-000039 // PACKETSTORM: 38390 // CNNVD: CNNVD-200807-212 // NVD: CVE-2008-1589

REFERENCES

url:http://lists.apple.com/archives/security-announce/2008//jul/msg00001.html

Trust: 1.7

url:http://www.securityfocus.com/bid/30186

Trust: 1.7

url:http://jvn.jp/en/jp/jvn88676089/index.html

Trust: 1.7

url:http://jvndb.jvn.jp/ja/contents/2008/jvndb-2008-000039.html

Trust: 1.7

url:http://secunia.com/advisories/31074

Trust: 1.7

url:http://www.vupen.com/english/advisories/2008/2094/references

Trust: 1.7

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/43734

Trust: 1.7

url:http://secunia.com/advisories/15884/

Trust: 0.9

url:http://secunia.com/advisories/15852/

Trust: 0.9

url:http://www.hardened-php.net/advisory-022005.php

Trust: 0.8

url:http://secunia.com/advisories/15861/

Trust: 0.8

url:http://secunia.com/advisories/15862/

Trust: 0.8

url:http://secunia.com/advisories/15895/

Trust: 0.8

url:http://secunia.com/advisories/15883/

Trust: 0.8

url:http://news.postnuke.com/modules.php?op=modload&name=news&file=article&sid=2699

Trust: 0.8

url:http://secunia.com/advisories/15855/

Trust: 0.8

url:http://secunia.com/advisories/15810/

Trust: 0.8

url:http://secunia.com/advisories/15872/

Trust: 0.8

url:http://secunia.com/advisories/15922/

Trust: 0.8

url:http://securitytracker.com/alerts/2005/jun/1014327.html

Trust: 0.8

url:http://www.gulftech.org/?node=research&article_id=00088-07022005

Trust: 0.8

url:http://www.gulftech.org/?node=research&article_id=00087-07012005

Trust: 0.8

url:http://www.securityfocus.com/bid/14088

Trust: 0.8

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1589

Trust: 0.8

url:http://jvn.jp/en/jp/jvn88676089/

Trust: 0.8

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1589

Trust: 0.8

url:http://www.apple.com/iphone/

Trust: 0.3

url:http://www.apple.com/ipodtouch/

Trust: 0.3

url:/archive/1/494777

Trust: 0.3

url:http://support.apple.com/kb/ht2351

Trust: 0.3

url:http://support.apple.com/kb/ht3298

Trust: 0.3

url:http://secunia.com/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/product/4577/

Trust: 0.1

url:http://secunia.com/secunia_vacancies/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://sourceforge.net/project/showfiles.php?group_id=36679

Trust: 0.1

url:http://secunia.com/about_secunia_advisories/

Trust: 0.1

sources: CERT/CC: VU#442845 // VULHUB: VHN-31714 // BID: 30186 // JVNDB: JVNDB-2008-000039 // PACKETSTORM: 38390 // CNNVD: CNNVD-200807-212 // NVD: CVE-2008-1589

CREDITS

Jonathan Rom Hiromitsu Takagi SkyLined

Trust: 0.6

sources: CNNVD: CNNVD-200807-212

SOURCES

db:CERT/CCid:VU#442845
db:VULHUBid:VHN-31714
db:BIDid:30186
db:JVNDBid:JVNDB-2008-000039
db:PACKETSTORMid:38390
db:CNNVDid:CNNVD-200807-212
db:NVDid:CVE-2008-1589

LAST UPDATE DATE

2024-11-25T22:42:15.169000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#442845date:2007-03-09T00:00:00
db:VULHUBid:VHN-31714date:2017-08-08T00:00:00
db:BIDid:30186date:2009-06-09T16:49:00
db:JVNDBid:JVNDB-2008-000039date:2008-07-16T00:00:00
db:CNNVDid:CNNVD-200807-212date:2022-08-10T00:00:00
db:NVDid:CVE-2008-1589date:2024-11-21T00:44:52.463

SOURCES RELEASE DATE

db:CERT/CCid:VU#442845date:2005-07-06T00:00:00
db:VULHUBid:VHN-31714date:2008-07-14T00:00:00
db:BIDid:30186date:2008-07-11T00:00:00
db:JVNDBid:JVNDB-2008-000039date:2008-07-16T00:00:00
db:PACKETSTORMid:38390date:2005-07-01T23:31:00
db:CNNVDid:CNNVD-200807-212date:2008-07-14T00:00:00
db:NVDid:CVE-2008-1589date:2008-07-14T18:41:00