Invision Power Board ad_member.php Arbitrary File Include

2003-03-09T00:00:00
ID OSVDB:3371
Type osvdb
Reporter OSVDB
Modified 2003-03-09T00:00:00

Description

Vulnerability Description

Invision Power Board allows remote attackers to include arbitrary PHP files. The issue is due to insufficient validation of arguments supplied to the ad_member.php script. By specifying an arbitrary path, a remote attacker can make the script include a custom configuration file from a remote system, allowing them to execute arbitrary code and more.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Invision Power Services has released a patch (patch_01_111.zip) to address this vulnerability.

References:

Vendor URL: http://www.invisionboard.com/
ISS X-Force ID: 11649
Bugtraq ID: 7204