Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

phpBB "highlight" PHP Code Execution Vulnerability


  • Please log in to reply
5 replies to this topic

#1 River_Rat

River_Rat

  • Members
  • 773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Oklahoma - USA
  • Local time:10:34 PM

Posted 28 June 2005 - 08:34 AM

Release Date: 2005-06-28
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch
Software: phpBB 2.x

Description:
A vulnerability has been reported in phpBB, which potentially can be exploited by malicious people to compromise a vulnerable system.

Input passed to the "highlight" parameter in "viewtopic.php" is not properly sanitised before being used in a "preg_replace()" call. This may be exploited to inject arbitrary PHP code.

The vulnerability has been reported in version 2.0.15. Prior versions may also be affected.

Solution:
Update to version 2.0.16.
http://www.phpbb.com/downloads.php


http://secunia.com/advisories/15845/

BC AdBot (Login to Remove)

 


#2 lucent

lucent

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:34 PM

Posted 28 June 2005 - 08:47 AM

thanks for the heads up River_Rat :thumbsup: :flowers:
Posted Image
Special thanks to efizzer for the signature

#3 River_Rat

River_Rat
  • Topic Starter

  • Members
  • 773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Oklahoma - USA
  • Local time:10:34 PM

Posted 29 June 2005 - 10:17 AM

thanks for the heads up River_Rat :thumbsup:  :flowers:

YW
Trying to stay informed.

#4 River_Rat

River_Rat
  • Topic Starter

  • Members
  • 773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Oklahoma - USA
  • Local time:10:34 PM

Posted 29 June 2005 - 10:27 AM

Update

Secunia Advisory: SA15845   
Release Date: 2005-06-28
Last Update: 2005-06-29


Critical: Highly critical
Impact: System access

Where: From remote

Solution Status: Vendor Patch


Software: phpBB 2.x


Select a product and view a complete list of all Patched/Unpatched Secunia advisories affecting it.


Description:
Ron van Daal has reported a vulnerability in phpBB, which can be exploited by malicious people to compromise a vulnerable system.

Input passed to the "highlight" parameter in "viewtopic.php" is not properly sanitised before being used in a "preg_replace()" call with the "e" modifier. This can be exploited to inject arbitrary PHP code.

NOTE: This is related to an older vulnerability incorrectly fixed in version 2.0.11.

The vulnerability has been reported in version 2.0.15 and prior.

Solution:
Update to version 2.0.16.
http://www.phpbb.com/downloads.php

Provided and/or discovered by: Ron van Daal

Changelog:
2005-06-28: Updated advisory.
2005-06-29: Ron van Daal released details. Updated "Description" section.

Original Advisory:
http://www.phpbb.com/phpBB/viewtopic.php?t=302011




Please note: The information, which this Secunia Advisory is based upon, comes from third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.


http://secunia.com/advisories/15845/

#5 lucent

lucent

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:34 PM

Posted 29 June 2005 - 07:21 PM

Thanks again, on the same day I recieved a message from the guys at phpBB. They have released an update for it, was this a planned update? or was it patched in record time with little regard to other insecurities? I don't mean to sound like I am bagging them I love using their software it is brilliant, I am, as always just curious.
Posted Image
Special thanks to efizzer for the signature

#6 River_Rat

River_Rat
  • Topic Starter

  • Members
  • 773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Oklahoma - USA
  • Local time:10:34 PM

Posted 30 June 2005 - 09:12 AM

Thanks again, on the same day I recieved a message from the guys at phpBB. They have released an update for it, was this a planned update? or was it patched in record time with little regard to other insecurities? I don't mean to sound like I am bagging them I love using their software it is brilliant, I am, as always just curious.

Yes this appears to be very good and popular software. I don't personally use it only because I have no need. One can only speculate if this was a planned update or they had discovered the security breach and used this update to fix it and other flaws. If I receive any information I will gladly keep you informed. :thumbsup:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users