Full Disclosure: Re: Security Advisory - phpBB 2.0.15 PHP-code injection bug

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

Re: Security Advisory - phpBB 2.0.15 PHP-code injection bug

From: Siegfried <siegfri3d () gmail com>
Date: Wed, 29 Jun 2005 18:28:10 +0200

Due to a bug in the phpBB highlighting code it's possible to inject
PHP-code into the running script. E.g. It's possible to run system
commands if the PHP interpreter allows system() and simular functions.
This is actually based on an old bug which was improperly fixed in
phpBB 2.0.11.


phpBB versions 2.0.11 through 2.0.14 don't seem affected no? it was
rather reintroduced in version 2.0.15 because they changed some things
in this part of the code
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

Security Advisory - phpBB 2.0.15 PHP-code injection bug ronvdaal (Jun 28)
- Re: Security Advisory - phpBB 2.0.15 PHP-code injection bug Andrew Farmer (Jun 29)
- Re: Security Advisory - phpBB 2.0.15 PHP-code injection bug Tatercrispies (Jun 29)
- <Possible follow-ups>
- Re: Security Advisory - phpBB 2.0.15 PHP-code injection bug Siegfried (Jun 29)