Security Advisory 2005-03-06
Execution of arbitrary PHP code in phpMyFAQ version 1.4 and 1.5
- Issued on: 2005-06-29
- Software: phpMyFAQ version 1.4 and 1.5
- Risk: high
- Platforms: all
The phpMyFAQ Team has learned of a serious security issue discovered in the bundled XML-RPC
library used by phpMyFAQ 1.4 and 1.5.
Description
The vulnerability is caused by an unspecified error, which can be exploited to execute
arbitrary PHP code through an application that uses the vulnerable library.
Impact
This issue allows for possible remote code execution.
Solution
The phpMyFAQ Team has released phpMyFAQ 1.4.9 and 1.5.0 RC5, which include a fixed version of
the bundled XML-RPC library. All users of affected phpMyFAQ versions are encouraged to upgrade
to these releases as soon as possible.
Workaround
As a temporary hotfix you can delete the xmlrpcs.php and xmlrpcs.php files in the inc/
directory, so that your FAQ will not easily allow execution of malicious XML-RPC method calls.
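The workaround above amounts to removing the XML-RPC entry point from the web root. The following POSIX shell functions are an added example, not part of the phpMyFAQ advisory or the project's code: one reports whether the endpoint is still reachable (the named file exists under inc/), the other moves it into a quarantine directory outside the document root instead of deleting it, so the file can be restored once the upgrade to the fixed release is done. The file name defaults to xmlrpcs.php, the only name the advisory gives; the install root and quarantine path are assumed arguments.

```shell
#!/bin/sh
# Added example (not from the phpMyFAQ advisory): detect and disable the
# bundled XML-RPC endpoint in a phpMyFAQ 1.4/1.5 install.
#
# xmlrpc_exposed <phpmyfaq_root> [file ...]
#   returns 0 if any of the named files still exists under <root>/inc/,
#   1 otherwise. Default file list: xmlrpcs.php (the name in the advisory).
xmlrpc_exposed() {
    root="$1"; shift
    [ $# -gt 0 ] || set -- xmlrpcs.php
    for f in "$@"; do
        [ -f "$root/inc/$f" ] && return 0
    done
    return 1
}

# disable_xmlrpc <phpmyfaq_root> <quarantine_dir> [file ...]
#   moves each named file out of <root>/inc/ into <quarantine_dir>, which
#   must lie outside the web server's document root (assumption: the caller
#   chooses such a path). The directory is created owner-only (mode 700).
#   Prints the number of files moved; returns 2 on a setup or move failure.
disable_xmlrpc() {
    root="$1"; quarantine="$2"; shift 2
    [ $# -gt 0 ] || set -- xmlrpcs.php
    [ -d "$root/inc" ] || { echo "no inc/ directory under $root" >&2; return 2; }
    mkdir -p "$quarantine" && chmod 700 "$quarantine" || return 2
    moved=0
    for f in "$@"; do
        src="$root/inc/$f"
        if [ -f "$src" ]; then
            mv "$src" "$quarantine/$f" || return 2
            moved=$((moved + 1))
        fi
    done
    echo "$moved"
    return 0
}
```

Run `xmlrpc_exposed /path/to/phpmyfaq` before and after `disable_xmlrpc /path/to/phpmyfaq /var/backups/faq-xmlrpc` to confirm the endpoint is gone; after upgrading to 1.4.9 or 1.5.0 RC5 the quarantined copy is no longer needed and can be discarded.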
Credits
Please read this advisory, too.