Bugtraq mailing list archives

Re: Simple Machine Forum - Private section/posts/info disclosure

From: klynn.securityfocus () kevinlynn com
Date: 9 Nov 2007 17:52:58 -0000

This is the second SMF vulnerability announced in the recent weeks that appears to be caused by administrative 
misconfiguration rather than an error in SMF. I have tested this on a default SMF 1.1.4 test environment and it did not 
work for me. 

Given the fact that previous messages from h3llcode or others in your blackroots.it group make mention of the use of 
.htaccess for controlling access to sensitive areas, it seems likely that h3llcode has opened permissions to allow 
escalated privileges to others and is then attempting to control those privileges using .htaccess files. Either that or 
h3llcode is testing the advanced search from an account enabled with escalated privileges already.

h3llcode, please create a default SMF 1.1.4 test environment and report back on your findings. If it can be duplicated 
in a properly configured SMF forum, I'm very interested in knowing about it.

Thank you,
Kevin Lynn, CISSP

Current thread:

Simple Machine Forum - Private section/posts/info disclosure h3llcode (Nov 08)
- Re: Simple Machine Forum - Private section/posts/info disclosure Jindrich Kubec (Nov 09)
- <Possible follow-ups>
- Re: Simple Machine Forum - Private section/posts/info disclosure klynn . securityfocus (Nov 09)