Re: [Full-disclosure] Security Advisory - phpBB 2.0.15 PHP-code injection bug

From: Siegfried (siegfri3d_at_gmail.com)
Date: 06/29/05

  • Next message: Christopher Kunz: "[Full-disclosure] Advisory 02/2005: Remote code execution in Serendipity" 
    Date: Wed, 29 Jun 2005 18:28:10 +0200
To: full-disclosure@lists.grok.org.uk

    >Due to a bug in the phpBB highlighting code it's possible to inject
    >PHP-code into the running script. E.g. It's possible to run system
    >commands if the PHP interpreter allows system() and simular functions.
    >This is actually based on an old bug which was improperly fixed in
    >phpBB 2.0.11.

    phpBB versions 2.0.11 through 2.0.14 don't seem affected no? it was
    rather reintroduced in version 2.0.15 because they changed some things
    in this part of the code
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.grok.org.uk/full-disclosure-charter.html
    Hosted and sponsored by Secunia - http://secunia.com/

  • Next message: Christopher Kunz: "[Full-disclosure] Advisory 02/2005: Remote code execution in Serendipity"

    Relevant Pages

    • Re: SQLCeCommandBuilder...ITS A BUG...
      ... In order to evade this bug, you must update the dataset with the exact same ... Start by looking at the actual commands the command builder builds for ... Dim dcConn As New SqlCeConnection ... Dim cb As New SqlCeCommandBuilder() ...
      (microsoft.public.dotnet.framework.compactframework)
    • Re: [SLE] find command in SuSE 9.2 dont work properly
      ... Find does not have a bug. ... explaining real facts and using valid logic. ... I do, however, feel some duty to defend facts and logic against the ... For additional commands send e-mail to suse-linux-e-help@suse.com ...
      (SuSE)
    • Re: [LogoForum] Re: Programming in mswlogo can be surprising
      ... only device drivers should be able to do.  This is bad for FMSLogo, ... Why don't the mswlogo fans share their work om the net. ... I just tested out a fix for this bug and it worked.  You can expect ... commands to do what you want, ...
      (comp.lang.logo)
    • bug in fzero
      ... The following commands cause matlab 7.0.4 to hang; ... maximum iteration count, but fzero does not have this. ... This bug has been reported to Mathworks and hopefully will be fixed ...
      (comp.soft-sys.matlab)
    • Re: Linux 2.6.21
      ... Make it almost totally message-id and thread based, and make it an implicit part of LKML (IE: subscribe the kbugger program to LKML). ... Merges the current bug and/or email thread into an existing bug. ... Get detailed information about the history of the current bug. ... All emails it receives will be autoparsed for commands, however it should be coded to ignore all text in emailed patches, and it should support the command to halt parsing for cases where you need to send plain kbugger commands via email. ...
      (Linux-Kernel)