phpBB sessions.php Session ID Injection

2004-07-13T09:15:10
ID OSVDB:7811
Type osvdb
Reporter Bartlomiej Korupczynski()
Modified 2004-07-13T09:15:10

Description

Vulnerability Description

phpBB contains a flaw related to the Session ID tracking that may allow an attacker to inject false session data. No further details have been provided.

Solution Description

Upgrade to version 2.0.9 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

phpBB contains a flaw related to the Session ID tracking that may allow an attacker to inject false session data. No further details have been provided.

References:

Vendor URL: http://www.phpbb.com/ Vendor Specific Advisory URL Secunia Advisory ID:12055 Related OSVDB ID: 7810 Related OSVDB ID: 7809 Related OSVDB ID: 7812 Related OSVDB ID: 7813 Related OSVDB ID: 7815 Related OSVDB ID: 7808 Related OSVDB ID: 7814 Nessus Plugin ID:13655