Debian DSA-925-1 : phpbb2 - several vulnerabilities

high Nessus Plugin ID 22791

Synopsis

The remote Debian host is missing a security-related update.

Description

Several vulnerabilities have been discovered in phpBB, a fully featured and skinnable flat webforum. The Common Vulnerabilities and Exposures project identifies the following problems:

- CVE-2005-3310 Multiple interpretation errors allow remote authenticated users to inject arbitrary web script when remote avatars and avatar uploading are enabled.

- CVE-2005-3415 phpBB allows remote attackers to bypass the protection mechanisms that deregister global variables, which allows attackers to manipulate the behaviour of phpBB.

- CVE-2005-3416 phpBB allows remote attackers to bypass security checks when register_globals is enabled and the session_start function has not been called to handle a session.

- CVE-2005-3417 phpBB allows remote attackers to modify global variables and bypass security mechanisms.

- CVE-2005-3418 Multiple cross-site scripting (XSS) vulnerabilities allow remote attackers to inject arbitrary web scripts.

- CVE-2005-3419 A SQL injection vulnerability allows remote attackers to execute arbitrary SQL commands.

- CVE-2005-3420 phpBB allows remote attackers to modify regular expressions and execute PHP code via the signature_bbcode_uid parameter.

- CVE-2005-3536 Missing input sanitising of the topic type allows remote attackers to inject arbitrary SQL commands.

- CVE-2005-3537 Missing request validation permitted remote attackers to edit private messages of other users.

Solution

Upgrade the phpbb2 packages.

The old stable distribution (woody) does not contain phpbb2 packages.

For the stable distribution (sarge) these problems have been fixed in version 2.0.13+1-6sarge2.

See Also

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=35662

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=336582

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=336587

http://www.debian.org/security/2005/dsa-925

Plugin Details

Severity: High

ID: 22791

File Name: debian_DSA-925.nasl

Version: 1.22

Type: local

Agent: unix

Published: 10/14/2006

Updated: 1/4/2021

Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:phpbb2, cpe:/o:debian:debian_linux:3.1

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Ease: No known exploits are available

Patch Publication Date: 12/22/2005

Vulnerability Publication Date: 9/22/2005

Reference Information

CVE: CVE-2005-3310, CVE-2005-3415, CVE-2005-3416, CVE-2005-3417, CVE-2005-3418, CVE-2005-3419, CVE-2005-3420, CVE-2005-3477, CVE-2005-3536, CVE-2005-3537, CVE-2005-3975, CVE-2005-4426

BID: 15170, 15243

DSA: 925