ID

VAR-200810-0141


CVE

CVE-2008-3645


TITLE

Multiple PHP XML-RPC implementations vulnerable to code injection

Trust: 0.8

sources: CERT/CC: VU#442845

DESCRIPTION

Heap-based buffer overflow in the local IPC component in the EAPOLController plugin for configd (Networking component) in Mac OS X 10.4.11 and 10.5.5 allows local users to execute arbitrary code via unknown vectors. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. Apple Mac OS X is prone to multiple security vulnerabilities that have been addressed in Security Update 2008-007. The security update addresses a total of 11 new vulnerabilities that affect the ColorSync, CUPS, Finder, launchd, Networking, Postfix, PSNormalizer, rlogin, Script Editor, and Weblog components of Mac OS X. The advisory also contains security updates for 30 previously reported issues. NOTE: This BID is being retired; the following individual records have been created to better document these issues: 31716 Apple Script Editor Unspecified Insecure Temporary File Creation Vulnerability 31718 Apple Mac OS X Server Weblog Access Control List Security Bypass Vulnerability 31708 Apple Mac OS X 'hosts.equiv' Security Bypass Vulnerability 31721 Apple Mac OS X 10.5 Postfix Security Bypass Vulnerability 31719 Apple PSNormalizer PostScript Buffer Overflow Vulnerability 31711 Apple Mac OS X 'configd' EAPOLController Plugin Local Heap Based Buffer Overflow Vulnerability 31715 Apple Mac OS X ColorSync ICC Profile Remote Buffer Overflow Vulnerability 31720 Apple Finder Denial of Service Vulnerability 31707 Apple OS X QuickLook Excel File Integer Overflow Vulnerability 31688 CUPS 'HP-GL/2' Filter Remote Code Execution Vulnerability 31722 Apple Mac OS X 10.5 'launchd' Unspecified Security Bypass Vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected software or to obtain SYSTEM-level privileges. Failed attempts will cause denial-of-service conditions. Local or remote attackers may exploit these vulnerabilities to cause multiple threats. Malicious files may cause Finder to terminate unexpectedly when generating icons, and Finder will continue to restart and termination. Until this file is deleted, the user account cannot be accessed through the Finder user interface. ---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/ ---------------------------------------------------------------------- TITLE: Nucleus XML-RPC PHP Code Execution Vulnerability SECUNIA ADVISORY ID: SA15895 VERIFY ADVISORY: http://secunia.com/advisories/15895/ CRITICAL: Highly critical IMPACT: System access WHERE: >From remote SOFTWARE: Nucleus 3.x http://secunia.com/product/3699/ DESCRIPTION: A vulnerability has been reported in Nucleus, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA15852 SOLUTION: Update to version 3.21. http://sourceforge.net/project/showfiles.php?group_id=66479 OTHER REFERENCES: SA15852: http://secunia.com/advisories/15852/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 3.06

sources: NVD: CVE-2008-3645 // CERT/CC: VU#442845 // JVNDB: JVNDB-2008-001814 // BID: 31681 // BID: 31711 // VULHUB: VHN-33770 // PACKETSTORM: 38388

AFFECTED PRODUCTS

vendor:applemodel:mac os x serverscope:eqversion:10.5.5

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.4.11

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.5.5

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.4.11

Trust: 1.6

vendor:drupalmodel: - scope: - version: -

Trust: 0.8

vendor:gentoo linuxmodel: - scope: - version: -

Trust: 0.8

vendor:mandrivamodel: - scope: - version: -

Trust: 0.8

vendor:pear xml rpcmodel: - scope: - version: -

Trust: 0.8

vendor:phpxmlrpcmodel: - scope: - version: -

Trust: 0.8

vendor:postnukemodel: - scope: - version: -

Trust: 0.8

vendor:red hatmodel: - scope: - version: -

Trust: 0.8

vendor:serendipitymodel: - scope: - version: -

Trust: 0.8

vendor:trustix secure linuxmodel: - scope: - version: -

Trust: 0.8

vendor:ubuntu linuxmodel: - scope: - version: -

Trust: 0.8

vendor:wordpressmodel: - scope: - version: -

Trust: 0.8

vendor:xoopsmodel: - scope: - version: -

Trust: 0.8

vendor:phpmyfaqmodel: - scope: - version: -

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:v10.4.11

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:v10.5.5

Trust: 0.8

vendor:applemodel:mac os x serverscope:eqversion:v10.4.11

Trust: 0.8

vendor:applemodel:mac os x serverscope:eqversion:v10.5.5

Trust: 0.8

vendor:applemodel:mac os serverscope:eqversion:x10.4.8

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.4.9

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.4.9

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.5.3

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.4.10

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.5.3

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.4.10

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.5.5

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.5

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.4

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.4.5

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.5.5

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.5

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.5.4

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.4

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.4.7

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.4.5

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.4.1

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.5.4

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.5.2

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.4.7

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.5.1

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.4.1

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.4.4

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.4.6

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.5.2

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.4.2

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.4.3

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.5.1

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.4.4

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.4.6

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.4.2

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.4.3

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.4.11

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.4.8

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.4.11

Trust: 0.6

sources: CERT/CC: VU#442845 // BID: 31681 // BID: 31711 // JVNDB: JVNDB-2008-001814 // CNNVD: CNNVD-200810-163 // NVD: CVE-2008-3645

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2008-3645
value: HIGH

Trust: 1.0

CARNEGIE MELLON: VU#442845
value: 20.75

Trust: 0.8

NVD: CVE-2008-3645
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200810-163
value: HIGH

Trust: 0.6

VULHUB: VHN-33770
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2008-3645
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-33770
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#442845 // VULHUB: VHN-33770 // JVNDB: JVNDB-2008-001814 // CNNVD: CNNVD-200810-163 // NVD: CVE-2008-3645

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-33770 // JVNDB: JVNDB-2008-001814 // NVD: CVE-2008-3645

THREAT TYPE

local

Trust: 0.9

sources: BID: 31711 // CNNVD: CNNVD-200810-163

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200810-163

CONFIGURATIONS

sources: JVNDB: JVNDB-2008-001814

PATCH

title:HT3216url:http://support.apple.com/kb/HT3216

Trust: 0.8

title:HT3216url:http://support.apple.com/kb/HT3216?viewlocale=ja_JP

Trust: 0.8

sources: JVNDB: JVNDB-2008-001814

EXTERNAL IDS

db:NVDid:CVE-2008-3645

Trust: 3.1

db:BIDid:31711

Trust: 2.8

db:SECUNIAid:32222

Trust: 2.5

db:BIDid:31681

Trust: 2.0

db:SECTRACKid:1021025

Trust: 1.7

db:VUPENid:ADV-2008-2780

Trust: 1.7

db:XFid:45781

Trust: 1.4

db:SECUNIAid:15895

Trust: 0.9

db:SECUNIAid:15810

Trust: 0.8

db:SECUNIAid:15922

Trust: 0.8

db:SECUNIAid:15852

Trust: 0.8

db:SECUNIAid:15855

Trust: 0.8

db:SECUNIAid:15861

Trust: 0.8

db:SECUNIAid:15862

Trust: 0.8

db:SECUNIAid:15872

Trust: 0.8

db:SECUNIAid:15883

Trust: 0.8

db:SECUNIAid:15884

Trust: 0.8

db:BIDid:14088

Trust: 0.8

db:SECTRACKid:1014327

Trust: 0.8

db:CERT/CCid:VU#442845

Trust: 0.8

db:JVNDBid:JVNDB-2008-001814

Trust: 0.8

db:CNNVDid:CNNVD-200810-163

Trust: 0.7

db:APPLEid:APPLE-SA-2008-10-09

Trust: 0.6

db:VULHUBid:VHN-33770

Trust: 0.1

db:PACKETSTORMid:38388

Trust: 0.1

sources: CERT/CC: VU#442845 // VULHUB: VHN-33770 // BID: 31681 // BID: 31711 // JVNDB: JVNDB-2008-001814 // PACKETSTORM: 38388 // CNNVD: CNNVD-200810-163 // NVD: CVE-2008-3645

REFERENCES

url:http://www.securityfocus.com/bid/31711

Trust: 2.5

url:http://secunia.com/advisories/32222

Trust: 2.5

url:http://support.apple.com/kb/ht3216

Trust: 2.3

url:http://lists.apple.com/archives/security-announce/2008/oct/msg00001.html

Trust: 1.7

url:http://www.securityfocus.com/bid/31681

Trust: 1.7

url:http://www.securitytracker.com/id?1021025

Trust: 1.7

url:http://www.frsirt.com/english/advisories/2008/2780

Trust: 1.4

url:http://xforce.iss.net/xforce/xfdb/45781

Trust: 1.4

url:http://www.vupen.com/english/advisories/2008/2780

Trust: 1.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/45781

Trust: 1.1

url:http://secunia.com/advisories/15895/

Trust: 0.9

url:http://secunia.com/advisories/15852/

Trust: 0.9

url:http://www.hardened-php.net/advisory-022005.php

Trust: 0.8

url:http://secunia.com/advisories/15861/

Trust: 0.8

url:http://secunia.com/advisories/15862/

Trust: 0.8

url:http://secunia.com/advisories/15884/

Trust: 0.8

url:http://secunia.com/advisories/15883/

Trust: 0.8

url:http://news.postnuke.com/modules.php?op=modload&name=news&file=article&sid=2699

Trust: 0.8

url:http://secunia.com/advisories/15855/

Trust: 0.8

url:http://secunia.com/advisories/15810/

Trust: 0.8

url:http://secunia.com/advisories/15872/

Trust: 0.8

url:http://secunia.com/advisories/15922/

Trust: 0.8

url:http://securitytracker.com/alerts/2005/jun/1014327.html

Trust: 0.8

url:http://www.gulftech.org/?node=research&article_id=00088-07022005

Trust: 0.8

url:http://www.gulftech.org/?node=research&article_id=00087-07012005

Trust: 0.8

url:http://www.securityfocus.com/bid/14088

Trust: 0.8

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3645

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-3645

Trust: 0.8

url:http://www.apple.com/macosx/

Trust: 0.6

url:http://secunia.com/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/product/3699/

Trust: 0.1

url:http://sourceforge.net/project/showfiles.php?group_id=66479

Trust: 0.1

url:http://secunia.com/secunia_vacancies/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/about_secunia_advisories/

Trust: 0.1

sources: CERT/CC: VU#442845 // VULHUB: VHN-33770 // BID: 31681 // BID: 31711 // JVNDB: JVNDB-2008-001814 // PACKETSTORM: 38388 // CNNVD: CNNVD-200810-163 // NVD: CVE-2008-3645

CREDITS

regenrechtSergio AlvarezRalf Meyer

Trust: 0.6

sources: CNNVD: CNNVD-200810-163

SOURCES

db:CERT/CCid:VU#442845
db:VULHUBid:VHN-33770
db:BIDid:31681
db:BIDid:31711
db:JVNDBid:JVNDB-2008-001814
db:PACKETSTORMid:38388
db:CNNVDid:CNNVD-200810-163
db:NVDid:CVE-2008-3645

LAST UPDATE DATE

2024-11-27T22:03:54.463000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#442845date:2007-03-09T00:00:00
db:VULHUBid:VHN-33770date:2017-08-08T00:00:00
db:BIDid:31681date:2009-03-24T16:56:00
db:BIDid:31711date:2008-10-15T16:17:00
db:JVNDBid:JVNDB-2008-001814date:2008-11-07T00:00:00
db:CNNVDid:CNNVD-200810-163date:2009-02-10T00:00:00
db:NVDid:CVE-2008-3645date:2024-11-21T00:49:46.373

SOURCES RELEASE DATE

db:CERT/CCid:VU#442845date:2005-07-06T00:00:00
db:VULHUBid:VHN-33770date:2008-10-10T00:00:00
db:BIDid:31681date:2008-10-09T00:00:00
db:BIDid:31711date:2008-10-09T00:00:00
db:JVNDBid:JVNDB-2008-001814date:2008-11-07T00:00:00
db:PACKETSTORMid:38388date:2005-07-01T23:31:00
db:CNNVDid:CNNVD-200810-163date:2007-05-16T00:00:00
db:NVDid:CVE-2008-3645date:2008-10-10T10:30:04.967