Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3758

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-3758
Last Modified 05 Sep 2008 05:07:59
Published 21 Jul 2006 10:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-3758

Summary

inc/init.php in Archive Mode (Light) in MyBB (aka MyBulletinBoard) 1.1.4 calls the extract function with EXTR_OVERWRITE on HTTP POST and GET variables, which allows remote attackers to overwrite arbitrary variables, as demonstrated via an SQL injection using the _SERVER[HTTP_CLIENT_IP] parameter in archive/index.php.

Vulnerable Systems

Application

  • Mybulletinboard 1.1.4


References

XF - mybb-index-sql-injection(27445)

SECUNIA - 20873

OSVDB - 26809

CONFIRM - http://www.mybboard.com/archive.php?nid=15

MISC - http://myimei.com/security/2006-06-24/mybb104archive-modelight-parameter-extractionvarable-overwriting.html

CONFIRM - http://community.mybboard.net/showthread.php?tid=10115


Last Updated: 27 May 2016 10:43:06