EXEC exploit in phpBB - fix

To: <bugtraq@xxxxxxxxxxxxxxxxx>
Subject: EXEC exploit in phpBB - fix
From: "Paul S. Owen" <paul0x01@xxxxxxxxxxxxxx>
Date: Thu, 18 Nov 2004 12:33:45 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Thread-index: AcTNas7hf8/mJTQpTJCJ8d1z7FWaGQ==

Following additional information supplied to us by a party other than
"howdark.com" we can confirm the existence of a serious exploit in phpBB, in
all versions below 2.0.11.

We will not post concept of proof information given the seriousness of this
issue. Unfortunately howdark.com group have chosen to as a personal vendetta
against phpbb.com.

We are preparing full, changed files and patch based releases which fix this
issue (and several other bugs/issues). While we are testing this we urge all
phpBB users to implement the fix given in the following announcement at
phpbb.com:

http://www.phpbb.com/phpBB/viewtopic.php?t=240513

Please spread this information far and wide, all hosting providers if
possible please inform your users. Anyone copying the howdark.com exploit
_please_ ensure you also include details of the fix noted in the above post!

PS: Thanks to the bugtraq moderators for moderating out a previous post of
mine, ta muchly for that :)

Follow-Ups:
- RE: EXEC exploit in phpBB - fix
  - From: Ron Brinker

Prev by Date: Re: RX171104 Cscope v15.5 and minors - symlink vulnerability - advisory, exploit and patch.
Next by Date: FreeBSD Security Advisory FreeBSD-SA-04:16.fetch
Previous by thread: AppServ 2.5.x and Prior Exploit
Next by thread: RE: EXEC exploit in phpBB - fix
Index(es):
- Date
- Thread