FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
326c517a-d029-11d9-9aed-000e0c2e438aphpbb -- multiple vulnerabilities

phpBB is vulnerable to remote exploitation of an input validation vulnerability allows attackers to read the contents of arbitrary system files under the privileges of the webserver. This also allows remote attackers to unlink arbitrary system files under the privileges of the webserver.


Discovery 2005-02-22
Entry 2005-07-09
phpbb
< 2.0.12

12618
12621
12623
CVE-2005-0258
CVE-2005-0259
http://security.gentoo.org/glsa/glsa-200503-02.xml
http://www.idefense.com/application/poi/display?id=205&type=vulnerabilities
http://www.idefense.com/application/poi/display?id=204&type=vulnerabilities
c551ae17-7f00-11d8-868e-000347dd607fmultiple vulnerabilities in phpBB

Users with admin rights can severly damage an phpBB installation, potentially triggered by viewing a page with a malicious link sent by an attacker.


Discovery 2004-03-20
Entry 2004-03-26
Modified 2004-03-29
phpbb
< 2.0.8

http://www.gulftech.org/03202004.php
http://www.phpbb.com/phpBB/viewtopic.php?t=183982
9942
03653079-8594-11d9-afa0-003048705d5aphpbb -- multiple information disclosure vulnerabilities

psoTFX reports:

phpBB Group are pleased to announce the release of phpBB 2.0.12 the "Horray for Furrywood" release. This release addresses a number of bugs and a couple of potential exploits. [...] one of the potential exploits addressed in this release could be serious in certain situations and thus we urge all users, as always, to upgrade to this release as soon as possible. Mostly this release is concerned with eliminating disclosures of information which while useful in debug situations may allow third parties to gain information which could be used to do harm via unknown or unfixed exploits in this or other applications.

The ChangeLog for phpBB 2.0.12 states:

  • Prevented full path display on critical messages
  • Fixed full path disclosure in username handling caused by a PHP 4.3.10 bug - AnthraX101
  • Added exclude list to unsetting globals (if register_globals is on) - SpoofedExistence
  • Fixed arbitrary file disclosure vulnerability in avatar handling functions - AnthraX101
  • Fixed arbitrary file unlink vulnerability in avatar handling functions - AnthraX101
  • Fixed path disclosure bug in search.php caused by a PHP 4.3.10 bug (related to AnthraX101's discovery)
  • Fixed path disclosure bug in viewtopic.php caused by a PHP 4.3.10 bug - matrix_killer

Discovery 2005-02-22
Entry 2005-02-23
Modified 2005-02-25
phpbb
< 2.0.12

http://www.phpbb.com/support/documents.php?mode=changelog
http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=265423
ports/77943
86526ba4-53c8-11db-8f1a-000a48049292phpbb -- NULL byte injection vulnerability

Secunia reports:

ShAnKaR has discovered a vulnerability in phpBB, which can be exploited by malicious users to compromise a vulnerable system.

Input passed to the "avatar_path" parameter in admin/admin_board.php is not properly sanitised before being used as a configuration variable to store avatar images. This can be exploited to upload and execute arbitrary PHP code by changing "avatar_path" to a file with a trailing NULL byte.

Successful exploitation requires privileges to the administration section.


Discovery 2006-09-12
Entry 2006-10-04
Modified 2006-12-24
phpbb
zh-phpbb-tw
< 2.0.22

20347
CVE-2006-4758
http://secunia.com/advisories/22188/
http://xforce.iss.net/xforce/xfdb/28884
http://www.security.nnov.ru/Odocument221.html
53e711ed-8972-11d9-9ff8-00306e01dda2phpbb -- privilege elevation and path disclosure

The phpbb developer group reports:

phpBB Group announces the release of phpBB 2.0.13, the "Beware of the furries" edition. This release addresses two recent security exploits, one of them critical. They were reported a few days after .12 was released and no one is more annoyed than us, having to release a new version ini such a short period of time. Fortunately both fixes are easy and in each case just one line needs to be edited.


Discovery 2005-02-27
Entry 2005-02-28
Modified 2005-03-05
phpbb
< 2.0.13

http://www.phpbb.com/phpBB/viewtopic.php?t=267563
12678
cfe17ca6-6858-4805-ba1d-a60a61ec9b4dphpBB IP address spoofing

The common.php script always trusts the `X-Forwarded-For' header in the client's HTTP request. A remote user could forge this header in order to bypass any IP address access control lists (ACLs).


Discovery 2004-04-18
Entry 2004-04-23
phpbb
le 2.0.8_2

http://marc.theaimsgroup.com/?l=bugtraq&m=108239864203144
e3cf89f0-53da-11d9-92b7-ceadd4ac2eddphpbb -- arbitrary command execution and other vulnerabilities

The ChangeLog for phpBB 2.0.11 states:

Changes since 2.0.10

  • Fixed vulnerability in highlighting code (very high severity, please update your installation as soon as possible)
  • Fixed unsetting global vars - Matt Kavanagh
  • Fixed XSS vulnerability in username handling - AnthraX101
  • Fixed not confirmed sql injection in username handling - warmth
  • Added check for empty topic id in topic_review function
  • Added visual confirmation mod to code base

Additionally, a US-CERT Technical Cyber Security Alert reports:

phpBB contains an user input validation problem with regard to the parsing of the URL. An intruder can deface a phpBB website, execute arbitrary commands, or gain administrative privileges on a compromised bulletin board.


Discovery 2004-11-18
Entry 2004-12-22
Modified 2005-01-24
phpbb
< 2.0.11

CVE-2004-1315
ports/74106
TA04-356A
497400
http://www.phpbb.com/support/documents.php?mode=changelog
http://marc.theaimsgroup.com/?l=bugtraq&m=110029415208724
http://marc.theaimsgroup.com/?l=bugtraq&m=110079436714518
http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=240636
4afacca1-eb9d-11d9-a8bd-000cf18bbe54phpbb -- remote PHP code execution vulnerability

FrSIRT Advisory reports:

A vulnerability was identified in phpBB, which may be exploited by attackers to compromise a vulnerable web server. This flaw is due to an input validation error in the "viewtopic.php" script that does not properly filter the "highlight" parameter before calling the "preg_replace()" function, which may be exploited by remote attackers to execute arbitrary PHP commands with the privileges of the web server.


Discovery 2005-06-28
Entry 2005-07-03
Modified 2005-07-07
phpbb
< 2.0.16

CVE-2005-2086
http://www.frsirt.com/english/advisories/2005/0904
http://www.phpbb.com/phpBB/viewtopic.php?t=302011
70f5b3c6-80f0-11d8-9645-0020ed76ef5aCritical SQL injection in phpBB

Anyone can get admin's username and password's md5 hash via a single web request. A working example is provided in the advisory.


Discovery 2004-03-26
Entry 2004-03-28
phpbb
le 2.0.8

http://marc.theaimsgroup.com/?l=bugtraq&m=108032454818873
9984
a56a72bb-9f72-11d8-9585-0020ed76ef5aphpBB session table exhaustion

The includes/sessions.php unnecessarily adds session item into session table and therefore vulnerable to a denial-of-service attack.


Discovery 2004-03-05
Entry 2004-05-06
phpbb
le 2.0.8_2

http://marc.theaimsgroup.com/?l=bugtraq&m=108256462710010
28c9243a-72ed-11da-8c1d-000e0c2e438aphpbb -- multiple vulnerabilities

Multiple vulnerabilities have been reported within phpbb. phpbb is proven vulnerable to:

  • script insertion,
  • bypassing of protetion mechanisms,
  • multiple cross site scripting vulnerabilities,
  • SQL injection,
  • arbitrary code execution

Discovery 2005-10-24
Entry 2006-02-16
phpbb
zh-phpbb-tw
< 2.0.18

15170
15243
CVE-2005-3310
CVE-2005-3415
CVE-2005-3416
CVE-2005-3417
CVE-2005-3418
CVE-2005-3419
CVE-2005-3420
CVE-2005-3536
CVE-2005-3537
http://marc.theaimsgroup.com/?l=bugtraq&m=113017003617987
http://www.hardened-php.net/advisory_172005.75.html
4a0b334d-8d8d-11d9-afa0-003048705d5aphpbb -- Insuffient check against HTML code in usercp_register.php

Neo Security Team reports:

If we specify a variable in the html code (any type: hidden, text, radio, check, etc) with the name allowhtml, allowbbcode or allowsmilies, is going to be on the html, bbcode and smilies in our signature.

This is a low risk vulnerability that allows users to bypass forum-wide configuration.


Discovery 2005-02-28
Entry 2005-03-05
Modified 2005-03-07
phpbb
le 2.0.13

http://marc.theaimsgroup.com/?l=bugtraq&m=110987231502274
http://marc.theaimsgroup.com/?l=bugtraq&m=110988400407204