PEAR::XML_RPC - Security vulnerability! - Blog - Open Source - schlitt.info

schlitt.info - php, photography and private stuff

PEAR::XML_RPC - Security vulnerability!

As already mentioned, a huge bunch of PHP based applications have a security issue in their XML-RPC implementations. This also applied to PEAR::XML_RPC. If you are using this package, it's more than recommended to upgrade to the new version 1.3.1, which fixes the named issue. If you have your own or are using another ones XML-RPC implementation, please check immediatly if the issue exists there, too! There are several example exploits around the web, so take this issue seriously!

Thanks to Stefan Esser for the info and the patch for PEAR::XML_RPC!

If you liked this blog post or learned something, please consider using flattr to contribute back: .

Trackbacks

Comments

Add new comment

Fields with bold names are mandatory.