Sign-up

ID

VAR-200810-0141


CVE

CVE-2008-3645


TITLE

Multiple PHP XML-RPC implementations vulnerable to code injection

Trust: 0.8

sources: CERT/CC: VU#442845

DESCRIPTION

Heap-based buffer overflow in the local IPC component in the EAPOLController plugin for configd (Networking component) in Mac OS X 10.4.11 and 10.5.5 allows local users to execute arbitrary code via unknown vectors. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. Apple Mac OS X is prone to multiple security vulnerabilities that have been addressed in Security Update 2008-007. The security update addresses a total of 11 new vulnerabilities that affect the ColorSync, CUPS, Finder, launchd, Networking, Postfix, PSNormalizer, rlogin, Script Editor, and Weblog components of Mac OS X. The advisory also contains security updates for 30 previously reported issues. NOTE: This BID is being retired; the following individual records have been created to better document these issues: 31716 Apple Script Editor Unspecified Insecure Temporary File Creation Vulnerability 31718 Apple Mac OS X Server Weblog Access Control List Security Bypass Vulnerability 31708 Apple Mac OS X 'hosts.equiv' Security Bypass Vulnerability 31721 Apple Mac OS X 10.5 Postfix Security Bypass Vulnerability 31719 Apple PSNormalizer PostScript Buffer Overflow Vulnerability 31711 Apple Mac OS X 'configd' EAPOLController Plugin Local Heap Based Buffer Overflow Vulnerability 31715 Apple Mac OS X ColorSync ICC Profile Remote Buffer Overflow Vulnerability 31720 Apple Finder Denial of Service Vulnerability 31707 Apple OS X QuickLook Excel File Integer Overflow Vulnerability 31688 CUPS 'HP-GL/2' Filter Remote Code Execution Vulnerability 31722 Apple Mac OS X 10.5 'launchd' Unspecified Security Bypass Vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected software or to obtain SYSTEM-level privileges. Failed attempts will cause denial-of-service conditions. Local or remote attackers may exploit these vulnerabilities to cause multiple threats. Malicious files may cause Finder to terminate unexpectedly when generating icons, and Finder will continue to restart and termination. Until this file is deleted, the user account cannot be accessed through the Finder user interface. ---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/ ---------------------------------------------------------------------- TITLE: phpPgAds XML-RPC PHP Code Execution Vulnerability SECUNIA ADVISORY ID: SA15884 VERIFY ADVISORY: http://secunia.com/advisories/15884/ CRITICAL: Highly critical IMPACT: System access WHERE: >From remote SOFTWARE: phpPgAds 2.x http://secunia.com/product/4577/ DESCRIPTION: A vulnerability has been reported in phpPgAds, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA15852 SOLUTION: Update to version 2.0.5. http://sourceforge.net/project/showfiles.php?group_id=36679 OTHER REFERENCES: SA15852: http://secunia.com/advisories/15852/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 3.06

sources: NVD: CVE-2008-3645 // CERT/CC: VU#442845 // JVNDB: JVNDB-2008-001814 // BID: 31681 // BID: 31711 // VULHUB: VHN-33770 // PACKETSTORM: 38390

AFFECTED PRODUCTS

vendor:applemodel:mac os x serverscope:eqversion:10.5.5

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.4.11

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.5.5

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.4.11

Trust: 1.6

vendor:drupalmodel: - scope: - version: -

Trust: 0.8

vendor:gentoo linuxmodel: - scope: - version: -

Trust: 0.8

vendor:mandrivamodel: - scope: - version: -

Trust: 0.8

vendor:pear xml rpcmodel: - scope: - version: -

Trust: 0.8

vendor:phpxmlrpcmodel: - scope: - version: -

Trust: 0.8

vendor:postnukemodel: - scope: - version: -

Trust: 0.8

vendor:red hatmodel: - scope: - version: -

Trust: 0.8

vendor:serendipitymodel: - scope: - version: -

Trust: 0.8

vendor:trustix secure linuxmodel: - scope: - version: -

Trust: 0.8

vendor:ubuntu linuxmodel: - scope: - version: -

Trust: 0.8

vendor:wordpressmodel: - scope: - version: -

Trust: 0.8

vendor:xoopsmodel: - scope: - version: -

Trust: 0.8

vendor:phpmyfaqmodel: - scope: - version: -

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:v10.4.11

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:v10.5.5

Trust: 0.8

vendor:applemodel:mac os x serverscope:eqversion:v10.4.11

Trust: 0.8

vendor:applemodel:mac os x serverscope:eqversion:v10.5.5

Trust: 0.8

vendor:applemodel:mac os serverscope:eqversion:x10.4.8

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.4.9

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.4.9

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.5.3

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.4.10

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.5.3

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.4.10

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.5.5

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.5

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.4

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.4.5

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.5.5

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.5

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.5.4

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.4

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.4.7

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.4.5

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.4.1

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.5.4

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.5.2

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.4.7

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.5.1

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.4.1

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.4.4

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.4.6

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.5.2

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.4.2

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.4.3

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.5.1

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.4.4

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.4.6

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.4.2

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.4.3

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.4.11

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.4.8

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.4.11

Trust: 0.6

sources: CERT/CC: VU#442845 // BID: 31681 // BID: 31711 // JVNDB: JVNDB-2008-001814 // CNNVD: CNNVD-200810-163 // NVD: CVE-2008-3645

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2008-3645
value: HIGH

Trust: 1.0

CARNEGIE MELLON: VU#442845
value: 20.75

Trust: 0.8

NVD: CVE-2008-3645
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200810-163
value: HIGH

Trust: 0.6

VULHUB: VHN-33770
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2008-3645
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-33770
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#442845 // VULHUB: VHN-33770 // JVNDB: JVNDB-2008-001814 // CNNVD: CNNVD-200810-163 // NVD: CVE-2008-3645

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-33770 // JVNDB: JVNDB-2008-001814 // NVD: CVE-2008-3645

THREAT TYPE

local

Trust: 0.9

sources: BID: 31711 // CNNVD: CNNVD-200810-163

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200810-163

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2008-001814

PATCH
title:HT3216url:http://support.apple.com/kb/HT3216
Trust: 0.8
title:HT3216url:http://support.apple.com/kb/HT3216?viewlocale=ja_JP
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2008-001814

EXTERNAL IDS
db:NVDid:CVE-2008-3645
Trust: 3.1
db:BIDid:31711
Trust: 2.8
db:SECUNIAid:32222
Trust: 2.5
db:BIDid:31681
Trust: 2.0
db:SECTRACKid:1021025
Trust: 1.7
db:VUPENid:ADV-2008-2780
Trust: 1.7
db:XFid:45781
Trust: 1.4
db:SECUNIAid:15884
Trust: 0.9
db:SECUNIAid:15810
Trust: 0.8
db:SECUNIAid:15922
Trust: 0.8
db:SECUNIAid:15852
Trust: 0.8
db:SECUNIAid:15855
Trust: 0.8
db:SECUNIAid:15861
Trust: 0.8
db:SECUNIAid:15862
Trust: 0.8
db:SECUNIAid:15872
Trust: 0.8
db:SECUNIAid:15883
Trust: 0.8
db:SECUNIAid:15895
Trust: 0.8
db:BIDid:14088
Trust: 0.8
db:SECTRACKid:1014327
Trust: 0.8
db:CERT/CCid:VU#442845
Trust: 0.8
db:JVNDBid:JVNDB-2008-001814
Trust: 0.8
db:CNNVDid:CNNVD-200810-163
Trust: 0.7
db:APPLEid:APPLE-SA-2008-10-09
Trust: 0.6
db:VULHUBid:VHN-33770
Trust: 0.1
db:PACKETSTORMid:38390
Trust: 0.1
sources:
            
            
            CERT/CC: VU#442845 // 
            
            
            
            VULHUB: VHN-33770 // 
            
            
            
            BID: 31681 // 
            
            
            
            BID: 31711 // 
            
            
            
            JVNDB: JVNDB-2008-001814 // 
            
            
            
            PACKETSTORM: 38390 // 
            
            
            
            CNNVD: CNNVD-200810-163 // 
            
            
            
            NVD: CVE-2008-3645

REFERENCES
url:http://www.securityfocus.com/bid/31711
Trust: 2.5
url:http://secunia.com/advisories/32222
Trust: 2.5
url:http://support.apple.com/kb/ht3216
Trust: 2.3
url:http://lists.apple.com/archives/security-announce/2008/oct/msg00001.html
Trust: 1.7
url:http://www.securityfocus.com/bid/31681
Trust: 1.7
url:http://www.securitytracker.com/id?1021025
Trust: 1.7
url:http://www.frsirt.com/english/advisories/2008/2780
Trust: 1.4
url:http://xforce.iss.net/xforce/xfdb/45781
Trust: 1.4
url:http://www.vupen.com/english/advisories/2008/2780
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/45781
Trust: 1.1
url:http://secunia.com/advisories/15884/
Trust: 0.9
url:http://secunia.com/advisories/15852/
Trust: 0.9
url:http://www.hardened-php.net/advisory-022005.php
Trust: 0.8
url:http://secunia.com/advisories/15861/
Trust: 0.8
url:http://secunia.com/advisories/15862/
Trust: 0.8
url:http://secunia.com/advisories/15895/
Trust: 0.8
url:http://secunia.com/advisories/15883/
Trust: 0.8
url:http://news.postnuke.com/modules.php?op=modload&name=news&file=article&sid=2699
Trust: 0.8
url:http://secunia.com/advisories/15855/
Trust: 0.8
url:http://secunia.com/advisories/15810/
Trust: 0.8
url:http://secunia.com/advisories/15872/
Trust: 0.8
url:http://secunia.com/advisories/15922/
Trust: 0.8
url:http://securitytracker.com/alerts/2005/jun/1014327.html
Trust: 0.8
url:http://www.gulftech.org/?node=research&article_id=00088-07022005
Trust: 0.8
url:http://www.gulftech.org/?node=research&article_id=00087-07012005
Trust: 0.8
url:http://www.securityfocus.com/bid/14088
Trust: 0.8
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3645
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-3645
Trust: 0.8
url:http://www.apple.com/macosx/
Trust: 0.6
url:http://secunia.com/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/product/4577/
Trust: 0.1
url:http://secunia.com/secunia_vacancies/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://sourceforge.net/project/showfiles.php?group_id=36679
Trust: 0.1
url:http://secunia.com/about_secunia_advisories/
Trust: 0.1
sources:
            
            
            CERT/CC: VU#442845 // 
            
            
            
            VULHUB: VHN-33770 // 
            
            
            
            BID: 31681 // 
            
            
            
            BID: 31711 // 
            
            
            
            JVNDB: JVNDB-2008-001814 // 
            
            
            
            PACKETSTORM: 38390 // 
            
            
            
            CNNVD: CNNVD-200810-163 // 
            
            
            
            NVD: CVE-2008-3645

CREDITS
regenrechtSergio AlvarezRalf Meyer
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200810-163

SOURCES
db:CERT/CCid:VU#442845
db:VULHUBid:VHN-33770
db:BIDid:31681
db:BIDid:31711
db:JVNDBid:JVNDB-2008-001814
db:PACKETSTORMid:38390
db:CNNVDid:CNNVD-200810-163
db:NVDid:CVE-2008-3645

LAST UPDATE DATE
2024-09-19T21:50:14.023000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#442845date:2007-03-09T00:00:00
db:VULHUBid:VHN-33770date:2017-08-08T00:00:00
db:BIDid:31681date:2009-03-24T16:56:00
db:BIDid:31711date:2008-10-15T16:17:00
db:JVNDBid:JVNDB-2008-001814date:2008-11-07T00:00:00
db:CNNVDid:CNNVD-200810-163date:2009-02-10T00:00:00
db:NVDid:CVE-2008-3645date:2017-08-08T01:32:03.030

SOURCES RELEASE DATE
db:CERT/CCid:VU#442845date:2005-07-06T00:00:00
db:VULHUBid:VHN-33770date:2008-10-10T00:00:00
db:BIDid:31681date:2008-10-09T00:00:00
db:BIDid:31711date:2008-10-09T00:00:00
db:JVNDBid:JVNDB-2008-001814date:2008-11-07T00:00:00
db:PACKETSTORMid:38390date:2005-07-01T23:31:00
db:CNNVDid:CNNVD-200810-163date:2007-05-16T00:00:00
db:NVDid:CVE-2008-3645date:2008-10-10T10:30:04.967