Re: phpBB 2.0.8a and lower - IP spoofing vulnerability

To: Ready Response <wang@xxxxxxxxxxx>
Subject: Re: phpBB 2.0.8a and lower - IP spoofing vulnerability
From: 3APA3A <3APA3A@xxxxxxxxxxxxxxxx>
Date: Tue, 20 Apr 2004 16:15:48 +0400
Cc: bugtraq@xxxxxxxxxxxxxxxxx
In-reply-to: <20040419000129.28917.qmail@xxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Organization: http://www.security.nnov.ru
References: <20040419000129.28917.qmail@xxxxxxxxxxxxxxxxxxxxx>
Reply-to: 3APA3A <3APA3A@xxxxxxxxxxxxxxxx>

Dear Ready Response,

--Monday, April 19, 2004, 4:01:29 AM, you wrote to bugtraq@xxxxxxxxxxxxxxxxx:

RR> the  users IP address in the common.php script. This issue is caused
RR> by blind trust of the X-Forwarded-For HTTP header. A remote attacker

This  issue  is very common for different BBs (for example Iconboard has
same problem), in addition to IP spoofing it's usually possible to cause
crossite  scripting  by  inserting  script  into forgery X-Forwarded-For
header.

-- 
~/ZARAZA
Но ведь кому угодно могут прийти в голову яйца, пятки и епископы. (Лем)

Follow-Ups:
- Re: phpBB 2.0.8a and lower - IP spoofing vulnerability
  - From: Xin LI

References:
- phpBB 2.0.8a and lower - IP spoofing vulnerability
  - From: Ready Response

Prev by Date: Re: NcFTP - password leaking
Next by Date: MDKSA-2004:033 - Updated xine-ui packages fix temporary file insecurities
Previous by thread: Re: phpBB 2.0.8a and lower - IP spoofing vulnerability
Next by thread: Re: phpBB 2.0.8a and lower - IP spoofing vulnerability
Index(es):
- Date
- Thread