re: About phpbb vulnerability

[Anders Blockmar <anders.blockmar () exicom se>]

What version of PHP are you using?

I don't know anyting about phpbb but there was an upload-related security
hole in PHP in genereal a few versions back.

I have searched http://www.securityfocus.com/bid/ without finding any
upload-bugs for phpbb. There is quite alot of other bugs thou.

regard,

Anders

> -----Ursprungligt meddelande-----
> Från: Marc Soler [mailto:msoler () el-valles com]
> Skickat: den 28 januari 2004 19:39
> Till: security-basics () securityfocus com
> Ämne: About phpbb vulnerability
>
>
> Hi all,
>
> Someone knows that it has been noticed some bug in phpbb that
> allows bad boys to upload file to the server when phpbb is installed?
> (Phpbb is a extended PHP-based board bulletin.)
>
> We have hack problems in our server and we suspect that is 
> from php scripts
> uploaded using some phpbb hole.
>
> I have googled about some known phpbb holes, but I haven't found
> anything about upload files vulnerability.
>
> Someone have information related?
>
> Thanks in advance.
>
> PS: Sorry about my no-native english
>
> --
> Marc Soler

---------------------------------------------------------------------------
Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any
course! All of our class sizes are guaranteed to be 10 students or less.
We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention,
and many other technical hands on courses.
Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off
any course!
----------------------------------------------------------------------------