Upload and share your files..FREE !!!

> TOP10 SECURITY SITES <
Astalavista.net - Securit... MOBILE-REVIEW.WS :: News ... Curse-X.COM NET WANDERER hcR Security Team	13337 SecureDeath[d0t]com Your site here Your site here Your site here
>> Your site here <<

Top Submit news Subscribe

Access Control // Auditing // Communication // Computer Crime // Confidentiality // Cryptography // Digital Imaging // Exploit // Gadgets // Hack // Hardware // Incidents // Internet // Intrusion Detection // Linux // Malicious Code // Microsoft Windows // Mobile // Other // PDA // Phreaking // Privacy // Software Updates // Virus // Vulnerability //

Previous article Back to news list Next article

Sponsored links

Want to become one of our authors and see your work published on HackZone ?

phpBB "Upload Avatar from a URL" Weakness and PHP Code Execution Vulnerability

Categorie: Vulnerability
Posted: 2006-05-25 by DiMan
Views: 4445
Source: Click here

Current Rating: Not rated

Details

Software: phpBB 2.x

Description:
A weakness and a vulnerability have been discovered in phpBB, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to use it for making HTTP requests to other sites.

1) A design error in the "Upload Avatar from a URL" functionality can be exploited to cause the server to make HTTP GET requests to arbitrary remote sites.

Successful exploitation requires that the "Enable avatar uploading" setting is enabled (disabled by default).

2) Input passed to the "Font Colour 3" field isn't properly sanitised before being used in a "preg_replace()" call with the "e" modifier. This can be exploited to inject and execute arbitrary PHP code.

Successful exploitation requires administrative privileges.

The weakness and the vulnerability have been confirmed in version 2.0.20. Other versions may also be affected.

Solution:
Disable "Enable avatar uploading" if enabled and edit the source code to ensure that input is properly sanitised.

Syndication

Permalink Email this

The URI to TrackBack this entry is:
http://www.hackzone.us/news/trackback.php?id=1641

User comments (post your comments here)

Only registerd members can post comments and articles

Previous article Back to news list Next article

Last security news	Last forum messages
hackzone hacked... Bluesoleil (general bluetooth) drivers update 2.3.060728... Blu-ray, HD DVD DRM busted... FBI database hacked... Phishing by phone... Microsoft France site cracked... Social networks poised to shape Net's future... Windows Vista Beta 2 Available for Public Download... Hacker Steals Energy Department Employee Data... PQI Introduces 64GB NAND Flash 2.5" Disks... More news... Submit news RSS	Cracks and Serials / Re: READ HERE FOR GAMES CRACK! Hack / WEB / Re: NEED HELP FOR E-MAIL PASSWORD Cracks and Serials / Re: RigNRoll crack Cracks and Serials / Re: Need GOLD MEMBERSHIP to Adult Friend finder Hack / WEB / Re: NEED HELP FOR E-MAIL PASSWORD Cracks and Serials / CalMan 3.2 Cracks and Serials / Re: need Artisteer Crack Cracks and Serials / Re: need Artisteer Crack Cracks and Serials / Re: RigNRoll crack Cracks and Serials / IBF - Safexpert v7.0 Go to forums... RSS

CrackPortal.com TheCRACK CrackSpider.DE Need Crack KeyGen.us AllSeek Google FILE HOSTING