ID CVE-2005-3417
Summary phpBB 2.0.17 and earlier, when the register_long_arrays directive is disabled, allows remote attackers to modify global variables and bypass security mechanisms because PHP does not define the associated HTTP_* variables.
References
Vulnerable Configurations
  • cpe:2.3:a:phpbb_group:phpbb:2.0.0
    cpe:2.3:a:phpbb_group:phpbb:2.0.0
  • cpe:2.3:a:phpbb_group:phpbb:2.0.1
    cpe:2.3:a:phpbb_group:phpbb:2.0.1
  • cpe:2.3:a:phpbb_group:phpbb:2.0.10
    cpe:2.3:a:phpbb_group:phpbb:2.0.10
  • cpe:2.3:a:phpbb_group:phpbb:2.0.11
    cpe:2.3:a:phpbb_group:phpbb:2.0.11
  • cpe:2.3:a:phpbb_group:phpbb:2.0.12
    cpe:2.3:a:phpbb_group:phpbb:2.0.12
  • cpe:2.3:a:phpbb_group:phpbb:2.0.13
    cpe:2.3:a:phpbb_group:phpbb:2.0.13
  • cpe:2.3:a:phpbb_group:phpbb:2.0.14
    cpe:2.3:a:phpbb_group:phpbb:2.0.14
  • cpe:2.3:a:phpbb_group:phpbb:2.0.15
    cpe:2.3:a:phpbb_group:phpbb:2.0.15
  • cpe:2.3:a:phpbb_group:phpbb:2.0.16
    cpe:2.3:a:phpbb_group:phpbb:2.0.16
  • cpe:2.3:a:phpbb_group:phpbb:2.0.17
    cpe:2.3:a:phpbb_group:phpbb:2.0.17
  • cpe:2.3:a:phpbb_group:phpbb:2.0.2
    cpe:2.3:a:phpbb_group:phpbb:2.0.2
  • cpe:2.3:a:phpbb_group:phpbb:2.0.3
    cpe:2.3:a:phpbb_group:phpbb:2.0.3
  • cpe:2.3:a:phpbb_group:phpbb:2.0.4
    cpe:2.3:a:phpbb_group:phpbb:2.0.4
  • cpe:2.3:a:phpbb_group:phpbb:2.0.5
    cpe:2.3:a:phpbb_group:phpbb:2.0.5
  • cpe:2.3:a:phpbb_group:phpbb:2.0.6
    cpe:2.3:a:phpbb_group:phpbb:2.0.6
  • cpe:2.3:a:phpbb_group:phpbb:2.0.6c
    cpe:2.3:a:phpbb_group:phpbb:2.0.6c
  • cpe:2.3:a:phpbb_group:phpbb:2.0.6d
    cpe:2.3:a:phpbb_group:phpbb:2.0.6d
  • cpe:2.3:a:phpbb_group:phpbb:2.0.7
    cpe:2.3:a:phpbb_group:phpbb:2.0.7
  • cpe:2.3:a:phpbb_group:phpbb:2.0.7a
    cpe:2.3:a:phpbb_group:phpbb:2.0.7a
  • cpe:2.3:a:phpbb_group:phpbb:2.0.8
    cpe:2.3:a:phpbb_group:phpbb:2.0.8
  • cpe:2.3:a:phpbb_group:phpbb:2.0.8a
    cpe:2.3:a:phpbb_group:phpbb:2.0.8a
  • cpe:2.3:a:phpbb_group:phpbb:2.0.9
    cpe:2.3:a:phpbb_group:phpbb:2.0.9
  • cpe:2.3:a:phpbb_group:phpbb:2.0_beta1
    cpe:2.3:a:phpbb_group:phpbb:2.0_beta1
  • cpe:2.3:a:phpbb_group:phpbb:2.0_rc1
    cpe:2.3:a:phpbb_group:phpbb:2.0_rc1
  • cpe:2.3:a:phpbb_group:phpbb:2.0_rc2
    cpe:2.3:a:phpbb_group:phpbb:2.0_rc2
  • cpe:2.3:a:phpbb_group:phpbb:2.0_rc3
    cpe:2.3:a:phpbb_group:phpbb:2.0_rc3
  • cpe:2.3:a:phpbb_group:phpbb:2.0_rc4
    cpe:2.3:a:phpbb_group:phpbb:2.0_rc4
CVSS
Base: 7.5 (as of 03-11-2005 - 14:16)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_28C9243A72ED11DA8C1D000E0C2E438A.NASL
    description Multiple vulnerabilities have been reported within phpbb. phpbb is proven vulnerable to : - script insertion, - bypassing of protetion mechanisms, - multiple cross site scripting vulnerabilities, - SQL injection, - arbitrary code execution
    last seen 2019-02-21
    modified 2018-12-05
    plugin id 21405
    published 2006-05-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=21405
    title FreeBSD : phpbb -- multiple vulnerabilities (28c9243a-72ed-11da-8c1d-000e0c2e438a)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-925.NASL
    description Several vulnerabilities have been discovered in phpBB, a fully featured and skinnable flat webforum. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2005-3310 Multiple interpretation errors allow remote authenticated users to inject arbitrary web script when remote avatars and avatar uploading are enabled. - CVE-2005-3415 phpBB allows remote attackers to bypass protection mechanisms that deregister global variables that allows attackers to manipulate the behaviour of phpBB. - CVE-2005-3416 phpBB allows remote attackers to bypass security checks when register_globals is enabled and the session_start function has not been called to handle a session. - CVE-2005-3417 phpBB allows remote attackers to modify global variables and bypass security mechanisms. - CVE-2005-3418 Multiple cross-site scripting (XSS) vulnerabilities allow remote attackers to inject arbitrary web scripts. - CVE-2005-3419 A SQL injection vulnerability allows remote attackers to execute arbitrary SQL commands. - CVE-2005-3420 phpBB allows remote attackers to modify regular expressions and execute PHP code via the signature_bbcode_uid parameter. - CVE-2005-3536 Missing input sanitising of the topic type allows remote attackers to inject arbitrary SQL commands. - CVE-2005-3537 Missing request validation permitted remote attackers to edit private messages of other users.
    last seen 2019-02-21
    modified 2018-07-20
    plugin id 22791
    published 2006-10-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22791
    title Debian DSA-925-1 : phpbb2 - several vulnerabilities
  • NASL family CGI abuses
    NASL id PHPBB_2_0_17.NASL
    description The remote host is running a version of phpBB that, if using PHP 5 with 'register_globals' enabled, fails to properly deregister global variables as well as failing to initialize several variables in various scripts. An attacker may be able to exploit these issues to execute arbitrary code or to conduct SQL injection and cross-site scripting attacks.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 20132
    published 2005-11-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20132
    title phpBB <= 2.0.17 Multiple Vulnerabilities
refmap via4
bid 15243
bugtraq 20051031 Advisory 17/2005: phpBB Multiple Vulnerabilities
debian DSA-925
misc http://www.hardened-php.net/advisory_172005.75.html
osvdb 20414
sectrack 1015121
secunia
  • 17366
  • 18098
sreason 130
Last major update 17-10-2016 - 23:35
Published 01-11-2005 - 16:02
Back to Top