Board index   FAQ   Search  
Register  Login
Board index php forum :: Bar News and Announcements

phpBB Updates

Rules, News, Announcements and so much more: We are here to inform you.

Moderators: macek, egami, gesf

phpBB Updates

Postby WiZARD » Fri Jul 08, 2005 12:18 am

PHPBB URL Tag BBCode.PHP Vulnerability

The phpbb vendor reports that a critical vulnerability exists in the BBCode handling routines of the 'bbcode.php' script.

The bbcode [url] tag is not properly sanitized of user-supplied input. This could permit the injection of arbitrary HTML or script code into the browser of an unsuspecting user in the context of the affected site.

PHPBB URL Tag BBCode.PHP Vulnerability

Class: Input Validation Error
CVE: CVE-MAP-NOMATCH
Remote: Yes
Local: No
Published: May 09 2005 12:00AM
Updated: Jun 02 2005 08:09PM
Credit: Discovery of this issue is credited to Papados.
Vulnerable:
phpBB Group phpBB 2.0.14
phpBB Group phpBB 2.0.13
phpBB Group phpBB 2.0.12
phpBB Group phpBB 2.0.11
phpBB Group phpBB 2.0.10
phpBB Group phpBB 2.0.9
phpBB Group phpBB 2.0.8 a
phpBB Group phpBB 2.0.8
phpBB Group phpBB 2.0.7 a
phpBB Group phpBB 2.0.7
phpBB Group phpBB 2.0.6 d
phpBB Group phpBB 2.0.6 c
phpBB Group phpBB 2.0.6
phpBB Group phpBB 2.0.5
phpBB Group phpBB 2.0.4
phpBB Group phpBB 2.0.3
phpBB Group phpBB 2.0.2
phpBB Group phpBB 2.0.1
phpBB Group phpBB 2.0 .0
phpBB Group phpBB 2.0 RC4
- Apache Software Foundation Apache 1.3.9
- Apache Software Foundation Apache for Windows 1.3.9
phpBB Group phpBB 2.0 RC3
- Apache Software Foundation Apache 1.3.9
- Apache Software Foundation Apache for Windows 1.3.9
phpBB Group phpBB 2.0 RC2
- Apache Software Foundation Apache 1.3.9
- Apache Software Foundation Apache for Windows 1.3.9
phpBB Group phpBB 2.0 RC1
- Apache Software Foundation Apache 1.3.9
- Apache Software Foundation Apache for Windows 1.3.9
phpBB Group phpBB 2.0 Beta 1
- Apache Software Foundation Apache 1.3.9
- Apache Software Foundation Apache for Windows 1.3.9

Not Vulnerable:
phpBB Group phpBB 2.0.15

from www.securityfocus.com
User avatar
WiZARD
Moderator
Moderator
 
Posts: 1257
Joined: Thu Jun 20, 2002 10:14 pm
Location: Ukraine, Crimea, Simferopol

Postby gesf » Fri Jul 08, 2005 3:54 am

Ops! What's this BBS version?
I like that CouCou box :D
User avatar
gesf
Moderator
Moderator
 
Posts: 1718
Joined: Sun Dec 29, 2002 5:03 am
Location: Portugal / Sweden

Postby Alexej Kubarev » Fri Jul 08, 2005 4:11 am

if you ment this forums version: always the latest :)
User avatar
Alexej Kubarev
Site Admin
Site Admin
 
Posts: 2223
Joined: Fri Mar 05, 2004 7:15 am
Location: Täby, Stockholms län

Postby gesf » Fri Jul 08, 2005 4:18 am

:D
User avatar
gesf
Moderator
Moderator
 
Posts: 1718
Joined: Sun Dec 29, 2002 5:03 am
Location: Portugal / Sweden

Postby Alexej Kubarev » Fri Jul 08, 2005 5:47 am

gesf: we are not THAT stupid... not yet anyways... oh well.. not that we know..
hehe..
User avatar
Alexej Kubarev
Site Admin
Site Admin
 
Posts: 2223
Joined: Fri Mar 05, 2004 7:15 am
Location: Täby, Stockholms län


Return to News and Announcements

Who is online

Users browsing this forum: No registered users and 2 guests

Sponsored by Sitebuilder Web hosting and Traduzioni Italiano Rumeno and antispam for cPanel.