| Field | Value |
|---|---|
| VID | 21474 |
| Severity | 40 |
| Port | 80, ... |
| Protocol | TCP |
| Class | CGI |
| Detailed Description | The vBulletin software is vulnerable to a remote command execution vulnerability in forumdisplay.php. vBulletin is a PHP-based Web forum, developed by Jelsoft Enterprises, that uses a MySQL database. vBulletin versions 3.0 to 3.0.4 could allow a remote attacker to execute arbitrary commands with the web server's privileges by exploiting an unfiltered parameter in the 'forumdisplay.php' script when the 'showforumusers' option has been enabled. By sending a malicious request to the vulnerable script in which the 'comma' parameter carries input that reaches the PHP 'system()' call unfiltered, a remote attacker could execute arbitrary system commands with the privileges of the web server. |
| References | http://www.securityfocus.com/archive/1/390380 |
| Platforms Affected | Jelsoft Enterprises Limited vBulletin versions 3.0 to 3.0.4; Microsoft Windows (any version); Linux (any version); Unix (any version) |
| Recommendation | Upgrade to the latest version of vBulletin (3.0.5 or later), available from the vBulletin Download page at http://www.vbulletin.com/download.php -- OR -- As a workaround, disable 'showforumusers' in the vBulletin options. |
| Related URL | CVE-2005-0429 (CVE) |
| Related URL | 12542 (SecurityFocus) |
| Related URL | (ISS) |