Detections
Analytics
phpBB Multiple Module phpbb_root_path Parameter Remote File Inclusion
medium Nessus Plugin ID 21323
Language:
Synopsis
The remote web server contains a PHP application that is prone to remote file include attacks.Description
The remote host contains a third-party module for phpBB.The version of at least one such component or module installed on the remote host fails to sanitize input to the 'phpbb_root_path' parameter before using it to include PHP code. Provided PHP's 'register_globals' setting is enabled, an unauthenticated attacker may be able to exploit these flaws to view arbitrary files on the remote host or to execute arbitrary PHP code, possibly taken from third-party hosts.
Solution
Disable PHP's 'register_globals' setting or contact the product's author to see if an upgrade exists.See Also
http://www.nessus.org/u?9640ab6a
https://seclists.org/bugtraq/2006/Oct/209
https://www.phpbb.com/community/viewtopic.php?p=2504370&highlight=#2504370
https://www.securityfocus.com/archive/1/452012/30/0/threaded
https://www.securityfocus.com/archive/1/479997/30/0/threaded
Plugin Details
Severity: Medium
ID: 21323
File Name: phpbb_auction_phpbb_root_path_file_include.nasl
Version: 1.42
Type: remote
Family: CGI abuses
Published: 5/4/2006
Updated: 4/11/2022
Configuration: Enable thorough checks
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: Medium
Base Score: 6.8
Temporal Score: 5.6
Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P
Vulnerability Information
CPE: cpe:/a:phpbb_group:phpbb-auction
Required KB Items: www/phpBB
Excluded KB Items: Settings/disable_cgi_scanning
Exploit Ease: No exploit is required
Vulnerability Publication Date: 5/3/2006
Exploitable With
CANVAS (CANVAS)
Reference Information
CVE: CVE-2006-2245, CVE-2006-5301, CVE-2006-5306, CVE-2006-5390, CVE-2006-5418, CVE-2006-7090, CVE-2006-7100, CVE-2006-7147, CVE-2007-5009, CVE-2007-5100
BID: 17822, 20484, 20485, 20493, 20501, 20518, 20525, 20558, 20571, 21171, 25737, 25776
CWE: 94