SecurityReason.com - Our Reason is

Security

Register | Forget Password | Login
SecurityReason
IT News
Search
SecurityAlert Database
About SecurityAlert
ExploitAlert Database
SecurityReason Research
WLB
WLB Database
Send to WLB
About WLB
Services
Security Audit
Schedule
Prices of services
Contact
RSS
SecurityReason IT News
SecurityAlert
World Laboratory of Bugtraq
ExploitAlert
Apache
PHP
Corporate
Contact
About SecurityReason
Note

If you have found a vulnerability, please send to our SecurityAlert Database :
secalert()securityreason()com

Also if you have new ( 0-day ) exploit, please send to our ExploitAlert Archive :
exploit()securityreason()com
Home arrow SecurityAlert Database

Arrow  Topic :

Multiple Bugs in MyBB 1.0 PR2 Rev 686(Updated Nov 1, 2005)


Arrow  SecurityAlert : 175
Arrow  CVE : CVE-2005-3777
Arrow  SecurityRisk : Low  Security Risk Low  (About)
Arrow  Remote Exploit : Yes
Arrow  Local Exploit : No
Arrow  Exploit Available : No
Arrow  Credit : syini666 gmail com
Arrow  Published : 14.11.2005

Arrow  Affected Software : MyBB



Arrow  Advisory Content :  

Description: MyBB is a powerful, efficient and free forum package
developed in PHP and MySQL. MyBB has been designed with the end users
in mind, you and your subscribers. Full control over your discussion
system is presented right at the tip of your fingers, from multiple
styles and themes to the ultimate customisation of your forums using
the template system.

Bug 1: The Subject field for new threads doesn't sanitize user input before
storing it in the database allowing for injection of HTML as well as
JavaScript which could lead to the theft of cookies

Bug 2: The Repuration system allows for similar injection of HTML and
JavaScript which renders on the UserCP

Bug 3: By editing the inbox form which has delete and move options for PMs
its possible to specify any pm in any inbox just by knowing or guessing the
id number.

Bug #1 was marked as fixed in the MyBB forums but as of the November 1st
release on the website the bug has in fact not been fixed. Information
regarding the 3rd bug was sent via PM to the MyBB staff on the 27th of
October but was also not pactched in the latest version.

I generally don't like to comment outside of the actual bugs but I feel
that marking items as patched and then not fixing them is irresponsible and
at this point I would advise anyone considering MyBB as a forum platform to
honestly look elsewhere as they have some issues in resolving bugs.

--
"The Nelson-Shepherd cutoff: The point at which you realise someone is an
idiot while trying to help them."




Arrow  Feedback :

If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com.
Alert

libc/fnmatch(3) DoS

Security Risk Medium- 2011-05-13

Allow attacker to denial of service apache 2.2.17 server
Apache RSS Apache Alert

» Apache HTTP Server Denial
   of Service Vulnerability

» Multiple Vendors
   libc/fnmatch(3) DoS (incl
   apache poc)

» Apache Continuum
   cross-site scripting
   vulnerability

» Apache Tomcat DoS
   Vulnerability
PHP RSS PHP Alert

» PHP Hashtables Denial of
   Service

» PHP 5.3.6 multiple null
   pointer dereference

» PHP 5.3.6 ZipArchive
   invalid use glob(3)

» libzip 0.9.3
   _zip_name_locate NULL
   Pointer Dereference (incl
   PHP 5.3.5)
ADT

Protect your family and valuables with Home Security Systems
Copyright © SecurityReason.com. All Rights Reserved.