NVD脆弱性詳細

CVE-2006-0147

概要	Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PhpOpenChat, possibly (7) MAXdev MD-Pro, and (8) Simplog, allows remote attackers to execute arbitrary PHP functions via the do parameter, which is saved in a variable that is then executed as a function, as demonstrated using phpinfo.
公表日	2006年1月10日8:03
登録日	2021年1月29日15:29
最終更新日	2018年10月20日0:42

CVSS2.0 : HIGH
スコア	7.5
ベクター	AV:N/AC:L/Au:N/C:P/I:P/A:P
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	低
攻撃前の認証要否(Au)	不要
機密性への影響(C)	低
完全性への影響(I)	低
可用性への影響(A)	低
全ての特権を取得	いいえ
ユーザー権限を取得	いいえ
その他の権限を取得	はい
ユーザー操作が必要	いいえ

影響を受けるソフトウェアの構成

構成1	以上	以下	より上	未満
cpe:2.3:a:john_lim:adodb:4.66:::::::*
cpe:2.3:a:john_lim:adodb:4.68:::::::*
cpe:2.3:a:mantis:mantis:0.19.4:::::::*
cpe:2.3:a:mantis:mantis:1.0.0_rc4:::::::*
cpe:2.3:a:moodle:moodle:1.5.3:::::::*
cpe:2.3:a:postnuke_software_foundation:postnuke:0.761:::::::*
cpe:2.3:a:the_cacti_group:cacti:0.8.6g:::::::*

関連情報、対策とツール

No	URL	refsource	タグ
1	http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html	MISC	Exploit
2	http://retrogod.altervista.org/simplog_092_incl_xpl.html	MISC	Exploit
3	http://secunia.com/advisories/17418	SECUNIA	Exploit Patch Vendor Advisory
4	http://secunia.com/advisories/18233	SECUNIA	Patch Vendor Advisory
5	http://secunia.com/advisories/18254	SECUNIA	Patch Vendor Advisory
6	http://secunia.com/advisories/18260	SECUNIA	Patch Vendor Advisory
7	http://secunia.com/advisories/18267	SECUNIA	Vendor Advisory
8	http://secunia.com/advisories/18276	SECUNIA	Patch Vendor Advisory
9	http://secunia.com/advisories/19555	SECUNIA	Patch Vendor Advisory
10	http://secunia.com/advisories/19590	SECUNIA	Patch Vendor Advisory
11	http://secunia.com/advisories/19591	SECUNIA	Patch Vendor Advisory
12	http://secunia.com/advisories/19600	SECUNIA	Vendor Advisory
13	http://secunia.com/advisories/19628	SECUNIA	Patch Vendor Advisory
14	http://secunia.com/advisories/19691	SECUNIA
15	http://secunia.com/secunia_research/2005-64/advisory/	MISC	Exploit Patch Vendor Advisory
16	http://www.debian.org/security/2006/dsa-1029	DEBIAN	Patch Vendor Advisory
17	http://www.debian.org/security/2006/dsa-1030	DEBIAN	Patch Vendor Advisory
18	http://www.debian.org/security/2006/dsa-1031	DEBIAN
19	http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml	GENTOO	Patch Vendor Advisory
20	http://www.osvdb.org/22291	OSVDB
21	http://www.securityfocus.com/archive/1/430448/100/0/threaded	BUGTRAQ
22	http://www.securityfocus.com/archive/1/430743/100/0/threaded	BUGTRAQ
23	http://www.vupen.com/english/advisories/2006/0101	VUPEN
24	http://www.vupen.com/english/advisories/2006/0102	VUPEN
25	http://www.vupen.com/english/advisories/2006/0103	VUPEN
26	http://www.vupen.com/english/advisories/2006/0104	VUPEN
27	http://www.vupen.com/english/advisories/2006/1305	VUPEN
28	http://www.vupen.com/english/advisories/2006/1332	VUPEN
29	https://exchange.xforce.ibmcloud.com/vulnerabilities/24052	XF
30	https://www.exploit-db.com/exploits/1663	EXPLOIT-DB

共通脆弱性一覧

構成1	以上	以下	より上	未満
cpe:2.3:a:john_lim:adodb:4.66:::::::*
cpe:2.3:a:john_lim:adodb:4.68:::::::*
cpe:2.3:a:mantis:mantis:0.19.4:::::::*
cpe:2.3:a:mantis:mantis:1.0.0_rc4:::::::*
cpe:2.3:a:moodle:moodle:1.5.3:::::::*
cpe:2.3:a:postnuke_software_foundation:postnuke:0.761:::::::*
cpe:2.3:a:the_cacti_group:cacti:0.8.6g:::::::*