Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
certCERTVU:774686
HistoryFeb 25, 2005 - 12:00 a.m.

phpBB vulnerable to file disclosure

2005-02-2500:00:00
www.kb.cert.org
11

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.002 Low

EPSS

Percentile

64.1%

JSON

Overview

The phpBB input validation methods may fail to sanitize user input resulting in a disclosure of arbitrary file data.

Description

phpBB is a customizable open source bulletin board package. It contains functionality that allows users to specify graphic files for use as “avatars.” These files may be located on a remote server or on a filesystem. However, a local file upload path using the default, temporary remote server name can cause the remote phpBB server to interpret a file local to the server as the avatar file. This file will then be made available to theuser for download or viewing.

Impact

If the remote avatar and remote avatar uploading functions are enabled (which are disabled by default), a remote, authenticated attacker who is allowed to specify remote avatars may be able to access arbitrary files on the phpBB server with the permissions of the web server.

Solution

Apply an update

phpBB versions 2.0.12 and later do not contain this flaw. The phpBB web page contains additional information and downloads.

As a workaround, administrators may disable remote avatars and remote avatar uploading. These features are disabled by default.

Vendor Information

774686

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

PHPBB __ Affected

Updated: February 24, 2005

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The phpBB web page contains additional information and downloads.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23774686 Feedback>).

CVSS Metrics

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A

References

Acknowledgements

Thanks to AnthraX101 for reporting this vulnerability.

This document was written by Ken MacInnis.

Other Information

CVE IDs: CVE-2005-0259
Severity Metric: 3.75 Date Public:

Related

securityvulns 1
ubuntucve 1
cve 1
openvas 4
nessus 3
gentoo 1
freebsd 1
securityvulns
securityvulns
iDEFENSE Security Advisory 02.22.05: phpBB Group phpBB Arbitrary File Disclosure Vulnerability
2005-02-24 00:00:00
ubuntucve
ubuntucve
CVE-2005-0259
2005-03-14 00:00:00
cve
cve
CVE-2005-0259
2005-03-14 05:00:00
openvas
openvas
FreeBSD Ports: phpbb
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200503-02 (phpbb)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200503-02 (phpbb)
2008-09-24 00:00:00
nessus
nessus
GLSA-200503-02 : phpBB: Multiple vulnerabilities
2005-03-02 00:00:00
phpBB <= 2.0.11 Multiple Vulnerabilities
2005-02-23 00:00:00
FreeBSD : phpbb -- multiple vulnerabilities (326c517a-d029-11d9-9aed-000e0c2e438a)
2005-07-13 00:00:00
gentoo
gentoo
phpBB: Multiple vulnerabilities
2005-03-01 00:00:00
freebsd
freebsd
phpbb -- multiple vulnerabilities
2005-02-22 00:00:00

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.002 Low

EPSS

Percentile

64.1%

JSON
Related for VU:774686
securityvulns1ubuntucve1cve1openvas4nessus3gentoo1freebsd1