Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: CGI abuses --> Category: infos

PBLang BBS <= 4.65 Multiple Vulnerabilities Vulnerability Scan


Vulnerability Scan Summary
Checks for multiple vulnerabilities in PBLang BBS <= 4.65

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote web server contains a PHP application that suffers from
multiple flaws.

Description :

According to its banner, the remote host is running a version of
PBLang BBS, a bulletin board system written in PHP, that suffers from
the following vulnerabilities:

- HTML Injection Vulnerability in pmpshow.php.
A possible hacker can inject arbitrary HTML and script into the
body of PMs sent to users allowing for theft of
authentication cookies or misrepresentation of the site.

- Cross-Site Scripting Vulnerability in search.php.
If a possible hacker can trick a user into following a specially
crafted link to search.php from an affected version of
PBLang, he can inject arbitrary script into the user's
browser to, say, steal authentication cookies.

- Remote PHP Script Injection Vulnerability in ucp.php.
PBLang allows a user to enter a PHP script into his/her
profile values, to be executed with the permissions of
the web server user whenever the user logs in.

- Directory Traversal Vulnerability in sendpm.php.
A logged-in user can read arbitrary files, subject to
permissions of the web server user, by passing full
pathnames through the 'orig' parameter when calling
sendpm.php.

- Arbitrary Personal Message Deletion Vulnerability in delpm.php.
A logged-in user can delete anyone's personal messages by
passing a PM id through the 'id' parameter and a username
through the 'a' parameter when calling delpm.php.

See also :

http://archives.neohapsis.com/archives/bugtraq/2005-02/0406.html
http://archives.neohapsis.com/archives/bugtraq/2005-02/0407.html
http://archives.neohapsis.com/archives/bugtraq/2005-03/0015.html
http://archives.neohapsis.com/archives/bugtraq/2005-03/0019.html
http://www.nessus.org/u?a6808b6a

Solution :

Upgrade to PBLang 4.66z or later.

Threat Level:

Low / CVSS Base Score : 2
(AV:R/AC:H/Au:NR/C:N/A:N/I:P/B:N)

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

 Vulnerability Scanning Solutions, LLC.