Bugtraq mailing list archives

Re: Easily and Remotely Pipe a Covert Shell on phpBB version 1.4.0 and below

From: "Joao Gouveia" <jgouveia () accao net>
Date: Fri, 10 Aug 2001 16:30:10 +0100

This has been reported to phpBB staff on May 16, and forwared to Bugtraq by
me some days ago.


----- Original Message -----
From: <kill-9 () modernhackers com>
To: <bugtraq () securityfocus com>
Sent: Friday, August 10, 2001 8:20 AM
Subject: Easily and Remotely Pipe a Covert Shell on phpBB version 1.4.0 and
below

note to editors: please leave all links intact.
###########################################
########
Easily and Remotely Pipe a Covert Shell on phpBB
version 1.4.0 and below

found and written by: kill-9 () modernhacker com
http://www.modernhacker.com

(...)

Note: phpBB team has known about this vulnerability
and failed to alert the public. Their acknoledgement is
seen in the 1.4.1 source code comments.


See my other post.

###########################################
########


Regards,

Joao Gouveia
--------------

Current thread:

Easily and Remotely Pipe a Covert Shell on phpBB version 1.4.0 and below kill-9 (Aug 10)
- Re: Easily and Remotely Pipe a Covert Shell on phpBB version 1.4.0 and below Joao Gouveia (Aug 10)