|
|
|
 |
Vulnerability Note VU#920931phpBB does not adequately validate user input for language selection thereby allowing user to execute arbitrary php codeOverviewphpBB is an open-source bulletin board program. A user input validation problem exists with regard to language settings. An intruder can excute arbitrary php code and gain a shell with the privileges of the web server on the system.I. DescriptionVersion 1.4.0 and earlier have a user input validation problem that can lead to the execution of arbitrary php code. The remote user can specify what language they would like to use and phpBB will set several critical variables based on the language file loaded. If a user specifies a non-existant language, phpBB does not check if the input is valid and no language file is loaded. The intruder can use a specially crafted URL to set the variables that should have been set by the language file. The variables are then processed by eval() and the intruder's php code is executed.II. ImpactAn intruder can excute arbitrary php code and gain a shell with the privileges of the web server on the system.III. SolutionUpgrade to phpBB version 1.4.1.Systems Affected
References
This vulnerability was discovered by kill-9 <kill-9@modernhackers.com>. This document was written by Jason Rafail.
If you have feedback, comments, or additional information about this vulnerability, please send us
email. |
|||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
Get Adobe Reader