OSEC

From: Jose Romeo Vela (jrvelaaristasol.com)
Date: Mon Mar 18 2002 - 19:17:42 CST

    --- nullbyte <nullbyteinetd-secure.net> wrote:
    > phpBB2 is vulnerable to remote command execution
    >
    > All *nix running phpBB2 version 2.0.
    >
    > Bug could be found at "phpBB2 root path" which allows a remote
    > attacker
    > to execute any command remotely.
    > The vulnerability of this attack starts with
    > '/phpBB2/includes/db.php?phpbb_root_path=' but some backdoor server
    > is needed to launch the attack.
    >
    > I did not look further into this bug.
    > It is tested on most *nix systems running phpBB2 version 2.0.
    > Probably all
    > versions.
    >
    > Bug was found by pokley and nullbyte
    >
    > nullbyte
    > nullbyteinetd-secure.net
    >

    This bug only affects non-CVS versions. There is a fix available. For
    details see:

    http://phpbb.sourceforge.net/phpBB2/viewtopic.php?t=9105

    ---------------------------------------------------------------------
    Jose Romeo Vela
    jrvelaaristasol.com
    http://www.aristasol.com/
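
A defender-side check for the request pattern quoted in this thread, added here as an example (it is not part of the original messages or of phpBB's code): it scans web access logs for any request that supplies `phpbb_root_path` in the query string and notes whether the value looks like a URL. The Apache combined log format, the sample lines, the function name, and the premise that the forum's own links never carry this parameter are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed sample lines in Apache combined log format (not real traffic).
SAMPLE_LOG = """\
192.0.2.10 - - [18/Mar/2002:19:01:02 -0600] "GET /phpBB2/viewtopic.php?t=9105 HTTP/1.0" 200 5120 "-" "Mozilla/4.0"
198.51.100.7 - - [18/Mar/2002:19:03:44 -0600] "GET /phpBB2/includes/db.php?phpbb_root_path=http://host.example/ HTTP/1.0" 200 312 "-" "-"
198.51.100.7 - - [18/Mar/2002:19:03:51 -0600] "GET /forum/includes/db.php?phpbb%5Froot%5Fpath=%68ttp%3A%2F%2Fhost.example%2F HTTP/1.0" 200 298 "-" "-"
203.0.113.5 - - [18/Mar/2002:19:05:10 -0600] "POST /phpBB2/posting.php?mode=reply&t=12 HTTP/1.0" 302 0 "-" "Mozilla/4.0"
192.0.2.44 - - [18/Mar/2002:19:06:00 -0600] "GET /phpBB2/includes/db.php HTTP/1.0" 200 0 "-" "-"
"""

# Client address, request target and status from a combined-format line.
REQUEST = re.compile(r'^(\S+) .*?"[A-Z]+ (\S+) [^"]*" (\d{3}) ')
# A value that starts with "scheme://" points outside the local filesystem.
SCHEME = re.compile(r'^[a-z][a-z0-9+.-]*://', re.I)
PARAM = "phpbb_root_path"  # parameter named in the advisory


def find_root_path_overrides(log_text):
    """Return one record per request that sets PARAM in its query string."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST.match(line)
        if not m:
            continue  # not a request line this pattern can parse
        client, target, status = m.groups()
        url = urlsplit(target)
        # parse_qsl percent-decodes keys and values, so an encoded
        # parameter name (phpbb%5Froot%5Fpath) is still matched.
        for key, value in parse_qsl(url.query, keep_blank_values=True):
            if key == PARAM:
                hits.append({
                    "client": client,
                    "path": url.path,
                    "value": value,
                    "remote": bool(SCHEME.match(value)),
                    "status": int(status),
                })
    return hits


if __name__ == "__main__":
    for hit in find_root_path_overrides(SAMPLE_LOG):
        print(hit)
```

Access logs record only the query string, so this covers the GET form quoted in the advisory; a hit with status 200 on an unpatched install warrants checking the host, not just the log.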