FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

phpBB session table exhaustion

Affected packages
		phpbb	<=	2.0.8_2

Details

VuXML ID	a56a72bb-9f72-11d8-9585-0020ed76ef5a
Discovery	2004-03-05
Entry	2004-05-06

The includes/sessions.php unnecessarily adds session item into session table and therefore vulnerable to a denial-of-service attack.

References

Message

20040421011055.GA1448@frontfree.net

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.