Re: Simple Machine Forum - Private section/posts/info disclosure
This is the second SMF vulnerability announced in the recent weeks that appears
to be caused by administrative misconfiguration rather than an error in SMF. I
have tested this on a default SMF 1.1.4 test environment and it did not work
for me.
Given the fact that previous messages from h3llcode or others in your
blackroots.it group make mention of the use of .htaccess for controlling access
to sensitive areas, it seems likely that h3llcode has opened permissions to
allow escalated privileges to others and is then attempting to control those
privileges using .htaccess files. Either that or h3llcode is testing the
advanced search from an account enabled with escalated privileges already.
h3llcode, please create a default SMF 1.1.4 test environment and report back on
your findings. If it can be duplicated in a properly configured SMF forum, I'm
very interested in knowing about it.
Thank you,
Kevin Lynn, CISSP