MyBB < 1.6.14 DoS
Medium Nessus Network Monitor Plugin ID 8630
SynopsisThe remote web server is running a PHP application that is vulnerable to a denial of service vulnerability.
DescriptionThe remote web server hosts MyBulletinBoard, a web-based discussion board application. Versions of MyBB 1.6.x before 1.6.14 are potentially affected by a denial of service vulnerability when handling malformed emails. An attacker can exploit this issue to crash the application or deny service to legitimate users. This issue specifically affects the 'sendthread.php' script, which is used to share forum threads between friends via email.
SolutionUpgrade to MyBB 1.6.14 or later.