Overview
phpBB contains an user input validation problem with regard to the parsing of the URL. An intruder can deface a phpBB website, execute arbitrary commands, or gain administrative privileges on a compromised bulletin board.
Description
phpBB is an open-source bulletin board. A lack of input validation on the highlight parameter supplied to viewtopic.php may allow a remote attacker to execute arbitrary commands on a vulnerable server. The problem occurs because phpBB does not scan incoming URLs for malicious content when they are decoded. We have seen reports of exploitation related to this vulnerability. |
Impact
A remote attacker may be able to deface a phpBB website, execute arbitrary commands, or gain administrative privileges on a compromised bulletin board. |
Solution
Update |
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
Acknowledgements
This vulnerability was reported by the phpBB Development Team.
This document was written by Jeff Gennari.
Other Information
| CVE IDs: | None |
| Severity Metric: | 37.97 |
| Date Public: | 2004-11-19 |
| Date First Published: | 2004-12-21 |
| Date Last Updated: | 2005-06-29 19:03 UTC |
| Document Revision: | 34 |