Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

[OPENADS-SA-2008-001] Openads 2.4.2 vulnerability fixed
From: Matteo Beccati <php () beccati com>
Date: Mon, 04 Feb 2008 18:47:53 +0100
========================================================================
Openads security advisory                            OPENADS-SA-2008-001
------------------------------------------------------------------------
Advisory ID:           OPENADS-SA-2008-001
Date:                  2008-Feb-04
Security risk:         Critical
Applications affetced: Openads
Versions affected:     2.4.0 <= x <= 2.4.2
Versions not affected: >= 2.4.3
========================================================================


========================================================================
Vulnerability:  Remote PHP code injection and execution
========================================================================

Description
-----------
A remote PHP code injection and execution vulnerability has recently
been found. The vulnerability affects the delivery engine, which does
not require any kind of authentication. An attacker could exploit it to
execute arbitrary PHP code.

Solution
--------
 - Upgrade to Openads 2.4.3

Credits
-------
 - Reporter: Tanatik


Contact informations
====================

The security contact for Openads can be reached at:
<security AT openads DOT org>


Best regards
--
Matteo Beccati
http://www.openads.org

  By Date           By Thread  

Current thread:
  • [OPENADS-SA-2008-001] Openads 2.4.2 vulnerability fixed Matteo Beccati (Feb 04)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]