FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2006-0146

This CVE name corresponds to:

Entered Topic
2006-04-27 lifetype -- ADOdb "server.php" Insecure Test Script Security Issue

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2006-0146
Phase Assigned(20060109)

Description

The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter.

References

Source Reference
BUGTRAQ 20060202 Bug for libs in php link directory 2.0
BUGTRAQ 20060409 PhpOpenChat 3.0.x ADODB Server.php "sql" SQL injection
BUGTRAQ 20070418 MediaBeez Sql query Execution .. Wear isn't ?? :)
MISC http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html
MISC http://secunia.com/secunia_research/2005-64/advisory/
CONFIRM http://www.xaraya.com/index.php/news/569
CONFIRM http://www.maxdev.com/Article550.phtml
DEBIAN DSA-1029
DEBIAN DSA-1030
DEBIAN DSA-1031
GENTOO GLSA-200604-07
BID 16187
VUPEN ADV-2006-0101
VUPEN ADV-2006-0102
VUPEN ADV-2006-0103
VUPEN ADV-2006-0104
VUPEN ADV-2006-0105
VUPEN ADV-2006-0447
VUPEN ADV-2006-0370
VUPEN ADV-2006-1304
VUPEN ADV-2006-1305
VUPEN ADV-2006-1419
OSVDB 22290
SECUNIA 17418
SECUNIA 18254
SECUNIA 18267
SECUNIA 18260
SECUNIA 18276
SECUNIA 18233
SECUNIA 18720
SECUNIA 19555
SECUNIA 19563
SECUNIA 19590
SECUNIA 19591
SECUNIA 19600
SECUNIA 19699
SECUNIA 19691
SECUNIA 24954
SREASON 713
XF adodb-server-command-execution(24051)