ThWboard header.inc.php Session Hijack

2004-01-09T00:00:00
ID OSVDB:4817
Type osvdb
Reporter theDon()
Modified 2004-01-09T00:00:00

Description

Vulnerability Description

ThWboard contains a flaw that may allow a user to hijack the session of an arbitrary user. The issue is due to the software not properly checking the session ID against the user's IP address. If a user is logged in under their own account and sends a link that includes the session ID, the next user who clicks the link will gain the privileges and credentials of the first.

Technical Description

This issue affects reply.php, edit.php, newtopic.php, and pm.php.
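The flaw described above, shown as an added illustration that is not ThWboard's own code: a session lookup that trusts any presented session ID, beside one that binds the ID to the address that created it and refuses to read it from the query string. Session IDs, user names and addresses are constructed sample values.

```python
# Added example (not ThWboard code). Shows the missing session-to-address
# check the advisory describes, and the hardened lookup beside it.
from dataclasses import dataclass
from typing import Optional


@dataclass
class Session:
    user: str
    bound_ip: str  # client address that established the session


# Constructed sample store: session id -> Session
SESSIONS = {
    "a1b2c3d4": Session(user="alice", bound_ip="192.0.2.10"),
}


def user_for_session_unchecked(sid: str) -> Optional[str]:
    """Vulnerable pattern: whoever presents a valid sid is treated as its owner,
    so a sid pasted into a forum link hands the account to the next clicker."""
    s = SESSIONS.get(sid)
    return s.user if s else None


def user_for_session_checked(sid: str, remote_ip: str) -> Optional[str]:
    """Hardened pattern: the sid is honoured only from the address it was bound to."""
    s = SESSIONS.get(sid)
    if s is None or s.bound_ip != remote_ip:
        return None
    return s.user


def handle_request(path: str, query: dict, cookies: dict, remote_ip: str) -> Optional[str]:
    """Resolve the acting user for a page such as reply.php or pm.php.
    The sid is accepted only from a cookie, never from the query string,
    so a shared URL cannot carry another user's session."""
    sid = cookies.get("sid")
    if sid is None:
        return None
    return user_for_session_checked(sid, remote_ip)
```

Binding a session to a single address is the check the advisory names, but it is coarse: clients behind NAT or a shared proxy present one address, and mobile clients change addresses mid-session, so it is normally paired with regenerating the session ID at login and keeping it out of URLs.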

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, ThWboard has released a patch to address this vulnerability.

Short Description

ThWboard contains a flaw that may allow a user to hijack the session of an arbitrary user. The issue is due to the software not properly checking the session ID against the user's IP address. If a user is logged in under their own account and sends a link that includes the session ID, the next user who clicks the link will gain the privileges and credentials of the first.

References:

Vendor URL: http://www.thwboard.de/
Mail List Post: http://www.thwboard.de/forum/showtopic.php?thread[threadid]=5379
Keywords: edit.php, reply.php, newtopic.php, pm.php