CERT-In Advisory CIAD-2007-43
PHP msql_connect() Buffer Overflow and PHP-Nuke Multiple Cross-Site Scripting (XSS) Vulnerabilities.
Original issue date: August 17, 2007
Severity Rating: High
Systems Affected
- PHP 5.2.3
- PHP-Nuke 7.x
- PHP-Nuke 8.x
Description
1. PHP msql_connect() Buffer Overflow Vulnerability.
(CVE-2007-4255)
A buffer overflow vulnerability has been reported in the mSQL (Mini SQL) extension in PHP, caused by improper bounds checking in the msql_connect function. A remote attacker could exploit the vulnerability with a specially crafted request that passes a long first argument to the msql_connect function, allowing arbitrary code execution or a denial of service on the affected system.
2. PHP-Nuke Multiple Cross-Site Scripting (XSS) Vulnerabilities.
(CVE-2007-4212)
Multiple cross-site scripting (XSS) vulnerabilities have been identified in the Search Module in PHP-Nuke. Remote attackers could exploit them to execute arbitrary web script or HTML by using a trailing "<" instead of a ">" in the onerror attribute of an IMG element or the onload attribute of an IFRAME element, or to redirect users to other sites via the META tag. Successful exploitation could be used to steal sensitive and confidential information or possibly compromise the affected system.
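The filter weakness described in item 2, shown as an added example that is not PHP-Nuke code and not part of the original advisory: a hypothetical filter that removes only complete <...> tags leaves an unterminated tag in place, while encoding the value at output time neutralises it. The function names and sample inputs are constructed for illustration.

```php
<?php
// Added example: hypothetical search-term handling, NOT PHP-Nuke source code.

// Weak approach (assumed for illustration): remove only well-formed <...> tags.
// A tag that never reaches a closing ">" does not match and passes through.
function strip_complete_tags(string $query): string
{
    return preg_replace('/<[^<>]*>/', '', $query);
}

// Hardened approach: encode for the HTML context when the value is written out,
// so "<", ">", "&" and both quote characters can never start or alter markup.
function encode_for_html(string $query): string
{
    return htmlspecialchars($query, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Check used below: is there still a "<" immediately followed by a character
// that lets a browser begin parsing a tag, end tag, comment or declaration?
function has_tag_opener(string $html): bool
{
    return preg_match('/<[a-z!\/?]/i', $html) === 1;
}

// Constructed sample inputs; handler() is a placeholder, not a real payload.
$samples = [
    'complete tag'                 => '<img src=x onerror=handler()>',
    'unterminated, trailing "<"'   => '<img src=x onerror=handler() <',
    'unterminated iframe'          => '<iframe onload=handler() <',
    'benign comparison'            => 'php 5 < php 6',
];

foreach ($samples as $label => $query) {
    $afterWeak = strip_complete_tags($query);
    $afterSafe = encode_for_html($query);
    printf(
        "%-28s tag survives weak filter: %-5s tag survives encoding: %s\n",
        $label,
        var_export(has_tag_opener($afterWeak), true),
        var_export(has_tag_opener($afterSafe), true)
    );
}
```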
Workaround
Disable scripting support in the browser settings.
References
SecurityFocus
http://www.securityfocus.com/bid/25213
http://www.securityfocus.com/bid/25171
http://www.securityfocus.com/archive/1/archive/1/475249/100/0/threaded
Xforce
http://xforce.iss.net/xforce/xfdb/35830
CVE-Name
CVE-2007-4255
CVE-2007-4212
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information

Phone: +91-11-24368572
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003
