[OPENADS-SA-2008-001] Openads 2.4.2 vulnerability fixed

看板Bugtraq作者php.時間18年前 (2008/02/05 02:13)推噓0(0推 0噓 0→)

留言0則, 0人參與討論串1/1

======================================================================== Openads security advisory OPENADS-SA-2008-001 ------------------------------------------------------------------------ Advisory ID: OPENADS-SA-2008-001 Date: 2008-Feb-04 Security risk: Critical Applications affetced: Openads Versions affected: 2.4.0 <= x <= 2.4.2 Versions not affected: >= 2.4.3 ======================================================================== ======================================================================== Vulnerability: Remote PHP code injection and execution ======================================================================== Description ----------- A remote PHP code injection and execution vulnerability has recently been found. The vulnerability affects the delivery engine, which does not require any kind of authentication. An attacker could exploit it to execute arbitrary PHP code. Solution -------- - Upgrade to Openads 2.4.3 Credits ------- - Reporter: Tanatik Contact informations ==================== The security contact for Openads can be reached at: <security AT openads DOT org> Best regards -- Matteo Beccati http://www.openads.org

‣ 返回看板[ Bugtraq ] 臭蟲

‣ 更多 php. 的文章

文章代碼(AID): #17frMk00 (Bugtraq)