AOH :: HP Unsorted O :: BX1719.HTM

Openads 2.4.2 vulnerability fixed



Openads 2.4.2 vulnerability fixed
Openads 2.4.2 vulnerability fixed



=======================================================================Openads security advisory                            OPENADS-SA-2008-001
------------------------------------------------------------------------
Advisory ID:           OPENADS-SA-2008-001
Date:                  2008-Feb-04
Security risk:         Critical
Applications affetced: Openads
Versions affected:     2.4.0 <= x <= 2.4.2
Versions not affected: >= 2.4.3
=======================================================================

=======================================================================Vulnerability:  Remote PHP code injection and execution
=======================================================================
Description
-----------
A remote PHP code injection and execution vulnerability has recently
been found. The vulnerability affects the delivery engine, which does
not require any kind of authentication. An attacker could exploit it to
execute arbitrary PHP code.

Solution
--------
  - Upgrade to Openads 2.4.3

Credits
-------
  - Reporter: Tanatik


Contact informations
===================
The security contact for Openads can be reached at:



Best regards
--
Matteo Beccati
http://www.openads.org 


The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.