|
|
Family: CGI abuses --> Category: infos
Multiple vulnerabilities in phpBB 2.0.14 and older Vulnerability Scan
Vulnerability Scan Summary
Checks for multiple vulnerabilities in phpBB 2.0.14 and older
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains a PHP application that is affected by
multiple vulnerabilities.
Description :
According to its banner, the remote host is running a version of phpBB
that suffers from multiple flaws:
- A BBCode Input Validation Vulnerability
The application fails to properly filter for the BBCode
URL in the 'includes/bbcode.php' script. With a specially-
crafted URL, a possible hacker cause arbitrary script code to be
executed in a user's browser, possibly even to modify
registry entries without the user's knowledge.
- Cross-Site Scripting Vulnerabilities
The application does not properly sanitize user-supplied input
to the 'forumname' and 'forumdesc' parameters of the
'admin/admin_forums.php' script. By enticing an phpBB
administrator to visit a a specially-crafted link, a possible hacker
can potentially steal the admin's session cookie or perform
other attacks.
- Improper Filtering of HTML Code
The application does not completely filter user-supplied input
to the 'u' parameter of the 'profile.php' script or the
'highlight' parameter of the 'viewtopic.php' script.
See also :
http://archives.neohapsis.com/archives/bugtraq/2005-04/0383.html
http://castlecops.com/t123194-.html
http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=288194
Solution :
Upgrade to phpBB version 2.0.15 or later.
Threat Level:
Low / CVSS Base Score : 3
(AV:R/AC:H/Au:NR/C:N/A:N/I:C/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|
