phpBB < 2.0.22 Multiple Vulnerabilities

critical Nessus Plugin ID 23968

Synopsis

The remote web server contains a PHP application that is affected by multiple vulnerabilities.

Description

The version of phpBB installed on the remote host fails to properly block 'bad' redirection targets. In addition, it reportedly contains a non-persistent cross-site scripting flaw involving its private messaging functionality and several other issues. At a minimum, a remote attacker can leverage these flaws to launch cross-site scripting attacks against the affected application.

Solution

Upgrade to phpBB 2.0.22 or later.

See Also

https://www.phpbb.com/community/viewtopic.php?f=14&t=489624

Plugin Details

Severity: Critical

ID: 23968

File Name: phpbb_2022.nasl

Version: 1.21

Type: remote

Family: CGI abuses

Published: 1/3/2007

Updated: 4/11/2022

Configuration: Enable thorough checks

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.8

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: E:POC/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:phpbb_group:phpbb

Required KB Items: www/phpBB

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No exploit is required

Vulnerability Publication Date: 12/7/2006

Reference Information

CVE: CVE-2006-4758, CVE-2006-6421, CVE-2006-6839, CVE-2006-6840, CVE-2006-6841

BID: 20347, 21806, 22001

CWE: 20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990