FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

phpbb -- multiple vulnerabilities

Affected packages
phpbb < 2.0.12

Details

VuXML ID 326c517a-d029-11d9-9aed-000e0c2e438a
Discovery 2005-02-22
Entry 2005-07-09

phpBB is vulnerable to remote exploitation of an input validation vulnerability allows attackers to read the contents of arbitrary system files under the privileges of the webserver. This also allows remote attackers to unlink arbitrary system files under the privileges of the webserver.

References

Bugtraq ID 12618
Bugtraq ID 12621
Bugtraq ID 12623
CVE Name CVE-2005-0258
CVE Name CVE-2005-0259
URL http://security.gentoo.org/glsa/glsa-200503-02.xml
URL http://www.idefense.com/application/poi/display?id=204&type=vulnerabilities
URL http://www.idefense.com/application/poi/display?id=205&type=vulnerabilities