[sec-adv] YABB SE Arbitrary File Inclusion Vulnerability

From: Secunia Security Advisories (sec-adv@secunia.com)
Date: Thu Apr 24 2003 - 02:33:01 CDT


TITLE:
YABB SE Arbitrary File Inclusion Vulnerability

READ ONLINE:
http://www.secunia.com/advisories/8646/

CRITICAL:
Highly critical

IMPACT:
Exposure of sensitive information, System access

WHERE:
From remote

SOFTWARE:
YaBB SE 1.x

DESCRIPTION:
A vulnerability has been reported in YABB SE, which can be exploited
by malicious, registered users to compromise a vulnerable system.

The vulnerability is caused by an input validation error that makes it
possible to supply arbitrary file paths in the variable "$language".
This can be exploited by supplying a path to a malicious file on a
remote server, which can result in execution of arbitrary code on the
vulnerable system.

The vulnerability can also be exploited to access arbitrary files on
the vulnerable system with the privileges of the web service if
"safe_mode" has been disabled.
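The bug class described above is a request parameter that flows straight into a PHP include statement, so the parameter value decides which file (local or, with allow_url_fopen enabled, remote) gets executed. The following is an added illustration written for this advisory; it is not YaBB SE's code, and the function names, the `languages/` directory and the `.lng.php` naming are assumptions. It places the vulnerable pattern beside a hardened version that treats the parameter as a lookup key into an allowlist rather than as a path:

```php
<?php
// Added example, not YaBB SE code. Directory layout and names are hypothetical.
$langDir = __DIR__ . '/languages';

// VULNERABLE pattern (the class of defect in the advisory): the request
// parameter is concatenated into the path that PHP will include, so the
// caller chooses the file. With allow_url_fopen on, a URL works too.
function loadLanguageUnsafe(string $language, string $langDir): void
{
    include $langDir . '/' . $language . '.lng.php';
}

// HARDENED pattern: enumerate the language files we actually ship, and only
// accept the parameter if it matches one of those names exactly.
function availableLanguages(string $langDir): array
{
    $names = [];
    foreach (glob($langDir . '/*.lng.php') as $path) {
        $names[] = basename($path, '.lng.php');
    }
    return $names;
}

function loadLanguageSafe(string $language, string $langDir, string $default = 'english'): string
{
    // Syntactic check first: a language name is a short token, never a path.
    if (!preg_match('/^[a-z][a-z0-9_-]{0,31}$/i', $language)) {
        $language = $default;
    }

    // Strict (===) allowlist comparison against files present on disk.
    $allowed = availableLanguages($langDir);
    if (!in_array($language, $allowed, true)) {
        $language = $default;
    }
    if (!in_array($language, $allowed, true)) {
        throw new RuntimeException('default language file is missing');
    }

    // Belt and braces: the resolved path must stay inside $langDir.
    $real = realpath($langDir . '/' . $language . '.lng.php');
    $base = realpath($langDir);
    if ($real === false || $base === false
        || strpos($real, $base . DIRECTORY_SEPARATOR) !== 0) {
        throw new RuntimeException('language file resolved outside the language directory');
    }

    include $real;
    return $language;
}

// Request handling: the parameter is only ever used as an allowlist key.
$requested = isset($_GET['language']) ? (string) $_GET['language'] : 'english';
$active = loadLanguageSafe($requested, $langDir);
```

The allowlist is the fix; the realpath check is a second, independent guard in case the directory listing is ever extended to include symlinks or subdirectories. Note that safe_mode, which the advisory mentions as limiting local file access, was never a substitute for input validation and was removed from PHP in 5.4, so code of this shape must validate the parameter itself rather than rely on interpreter settings. Disabling allow_url_fopen (or, on PHP 5.2 and later, allow_url_include) where remote wrappers are not needed removes the remote-inclusion variant at the configuration level.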

SOLUTION:
Update to version 1.5.2:
https://sourceforge.net/project/showfiles.php?group_id=57105

REPORTED BY / CREDITS:
Fermín J. Serna

ORIGINAL ADVISORY:
http://www.ngsec.com/docs/advisories/NGSEC-2003-5.txt

----------------------------------------------------------------------

Secunia recommends that you verify all advisories you receive, by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

Contact details:
Web : http://www.secunia.com/
E-mail : support@secunia.com
Tel : +44 (0) 20 7016 2693
Fax : +44 (0) 20 7637 0419

----------------------------------------------------------------------