Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

MyBB < 1.6.14 DoS

Medium

Synopsis

The remote web server is running a PHP application that is vulnerable to a denial of service vulnerability.

Description

The remote web server hosts MyBulletinBoard, a web-based discussion board application. Versions of MyBB 1.6.x before 1.6.14 are potentially affected by a denial of service vulnerability when handling malformed emails. An attacker can exploit this issue to crash the application or deny service to legitimate users. This issue specifically affects the 'sendthread.php' script, which is used to share forum threads between friends via email.

Solution

Upgrade to MyBB 1.6.14 or later.