TriBBS Daily Byte Limit File Download Bypass

1993-07-12T00:00:00
ID OSVDB:14737
Type osvdb
Reporter OSVDB
Modified 1993-07-12T00:00:00

Description

Vulnerability Description

TriBBS contains a flaw that may allow a user to bypass file download restrictions. The BBS can be configured to restrict file downloads via a "Daily Byte Limit". This option can be bypassed by any user on the system by using the Archive Menu to create a temporary archive, flag all files in it for download, and then download them. The system does not properly track these downloads and apply them to the user account.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

TriBBS contains a flaw that may allow a user to bypass file download restrictions. The BBS can be configured to restrict file downloads via a "Daily Byte Limit". This option can be bypassed by any user on the system by using the Archive Menu to create a temporary archive, flag all files in it for download, and then download them. The system does not properly track these downloads and apply them to the user account.

References:

Generic Informational URL: http://software.bbsdocumentary.com/IBM/DOS/TRIBBS/