Title: SIR GNUBoard File Upload Extension Restriction Bypass Vulnerability
Severity: MODERATE
Description:
SIR GNUBoard is a bulletin board system that supports the Korean language. It is freely available for all platforms that supports PHP and MySQL.
GNUBoard does not properly validate the file extensions of files uploaded by remote users. This could allow malicious script files to be uploaded to a Web site running GNUBoard.
The issue exists in the gbupdate.php module of the software. This module filters files with php, htm, cgi, and pl extensions. However, the check for file extensions is case sensitive, allowing a remote user to upload arbitrary script files that should not be permitted.
Script code uploaded to the site in such a way could potentially be executed in the browser of a user visiting the site.
Affected Products:
- SIR GNUBoard 3.30.0
- SIR GNUBoard 3.31.0
- SIR GNUBoard 3.32.0
- SIR GNUBoard 3.33.0
- SIR GNUBoard 3.34.0
- SIR GNUBoard 3.35.0
- SIR GNUBoard 3.36.0
- SIR GNUBoard 3.37.0
- SIR GNUBoard 3.38.0
- SIR GNUBoard 3.39.0
- SIR GNUBoard 3.40.0
References:
- SIR: Vendor Home Page
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
