PHPDeveloper.org: Secunia.com: Avaya Products PHP Multiple Vulnerabilities

	News Feed
	Jobs Feed

Sections

Tutorials

Books

Events

Talks

Jobs

Recent Jobs

Job Posting: TEKSystems (Recruiter) Seeks PHP Web Application Developers (Tampa, FL)

Job Posting: Quinstreet, Inc. Seeks Sr. PHP Developer (Foster City, CA)

Job Posting: WideEye Interactive/Moroch Advertising Seeks Web Developer (Dallas, TX)

Job Posting: Project People Ltd (Recruiter) Seeks PHP Developer (Paris, France)

Job Posting: Snelling (Recruiter) Seeks Web Programmer (Boston, MA)

Job Posting: Veedow Seeks Senior PHP Developer/Architect (London, UK)

Job Posting: Apex Systems (Recruiter) Seeks PHP Web Developers (Tampa, FL)

Job Posting: WordStream Seeks Web Application Developer (Needham, MA)

Job Posting: JS Creative Seeks Web Developer (Atlanta, GA)

Job Posting: Kodak Graphic Communications Group Seeks PHP Application Developer (Stamford, CT)

News Archive

Till's Blog: ZendFramework (performance) II

Sebastian Bergmann's Blog: Freezing and Thawing PHP Objects

Jani Hartikainen's Blog: NetBeans 6.5 review (with PHP support)

Rob Allen's Blog: File uploads with Zend_Form_Element_File

PHPro.org: Calculate Friday The 13th With Datetime Class

Marco Tabini's Blog: It turns out, I was wrong

Community News: Latest PEAR Releases for 12.01.2008

Site News: Job Postings for the week of 11.23.2008

KillerPHP.com: Creating a Wordpress Theme from Scratch (Video)

Chris Hartjes' Blog: Handling Multiple Environments In Your PHP Application

Secunia.com:
Avaya Products PHP Multiple Vulnerabilities

by Chris Cornutt June 14, 2007 @ 08:02:00

Secunia has posted a vulnerability marked as "highly critical" for users of any of the Avaya products that use PHP:

Avaya has acknowledged some vulnerabilities in various Avaya products, where some have unknown impacts and others can be exploited by malicious users to bypass certain security restrictions and potentially by malicious people to compromise a vulnerable system.

The following products are affected:

Avaya Communication Manager (CM 4.0 and CM 2.x prior to load 127.0)
Avaya CCS/SES (CCS/SES 3.1.1)
Avaya AES (AES 4.0)

Currently, according to the original announcement from Avaya, there are two issues that have been found and are able to be exploited - an issue with the xmlrpc extension and a problem with the ftp extension. Currently, there is no patch to correct these issues, but you can keep track of their current status via their entries

0 comments voice your opinion now!
secunia avaya xmlrpc ftp extenstion vulnerability secunia avaya xmlrpc ftp extenstion vulnerability

Similar Posts

Hardened-PHP Project: Advisory - PHP open_basedir Race Condition Vulnerability

Community News: DreamStats "rootpath" File Inclusion Vulnerability Identified

FrSIRT Advisory: P-News Arbitrary PHP File Upload and Remote Information Disclosure Vulnerabilities

Community News: Avaya Products PHP Multiple Vulnerabilities

Stefan Esser's Blog: Suhosin 0.9.20 and crypt() Thread Safety Vulnerability

Community Events

Don't see your event here?
Let us know!

All content copyright, 2008 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework