NASLDB: phpBB Multiple Module phpbb_root_path Parameter Remote File Inclusion
General
ID: 21323
Name: phpBB Multiple Module phpbb_root_path Parameter Remote File Inclusion
Summary: Tries to read a local file using phpBB modules
Credits: Tenable Network Security, Inc.
Classification
Risk: –
CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS Temporal Vector: CVSS2#E:F/RL:OF/RC:C
Port: 80
Family: CGI abuses
Type: Remote
Description
The remote host contains a third-party module for phpBB.
The version of at least one such component or module installed on the
remote host fails to sanitize input to the ‘phpbb_root_path’ parameter
before using it to include PHP code. Provided PHP’s
‘register_globals’ setting is enabled, an unauthenticated attacker may
be able to exploit these flaws to view arbitrary files on the remote
host or to execute arbitrary PHP code, possibly taken from third-party
hosts.
Exploiting
Exploit Available: True
Exploitability Ease: Exploits are available
Sources
CVE: CVE-2006-2245
OSVDB: –
Bugtraq: 17822
scipID: –
Timeline
Vulnerability Disclosure: 2006/05/03
Patch Release: –
Plugin Release: 2006/05/04
Plugin
Version: 1.32
Filename: phpbb_auction_phpbb_root_path_file_include.nasl
Filesize: 6976 bytes
MD5 Hash: e879c1386ce8b275df14a9eddc62d223
Identification: –
Require Keys: www/phpBB
Dependencies: "phpbb_detect.nasl"
Copyright: This script is Copyright © 2006-2012 Tenable Network Security, Inc.