VID | 210026
Severity | 40
Port | 80, ...
Protocol | TCP
Class | CGI
Detailed Description |
Ultimate PHP Board is vulnerable to remote command execution through the chat/login.php script. Ultimate PHP Board (UPB) is a freely available, open source PHP bulletin board for the Unix, Linux, and Windows operating systems. Ultimate PHP Board version 2.0b1 and earlier versions could allow a remote attacker to execute arbitrary commands on the affected host, caused by improper validation of user-supplied input to the 'username' parameter of the 'chat/login.php' script before writing it to 'chat/text.php'. By sending specially crafted requests to the 'chat/login.php' script using the username parameter, a remote attacker could execute arbitrary shell commands with the privileges of the Web server.
* References: http://milw0rm.com/exploits/2999 http://www.securityfocus.com/data/vulnerabilities/exploits/21760.pl http://www.frsirt.com/english/advisories/2006/5181
* Platforms Affected: X-Crew, Ultimate PHP Board version 2.0b1 and earlier versions; any operating system, any version |
Recommendation |
No upgrade or patch available as of January 2007.
Upgrade to the latest version of Ultimate PHP Board (UPB) when a fixed version becomes available from the MyUPB download Web site at http://www.myupb.com/ourscripts_upb.php |
Related URL | CVE-2006-6790 (CVE)
Related URL | 21760 (SecurityFocus)
Related URL | 31105 (ISS)