HTTP: YabbSE Packages.php Code Execution

This signature detects attempts to exploit a known vulnerability against Packages.php in YabbSE. YabbSE 1.5.0 and earlier are vulnerable. Attackers can include remote malicious code in Packages.php that can allow them to execute arbitrary commands with Web server privileges.

Extended Description

YaBB SE allows remote users to influence the location of included files. A remote attacker may exploit this condition to cause an external, attacker-supplied file to be included and executed by YABB SE. This may allow a remote attacker to execute arbitrary commands in the context of the webserver.

Affected Products

Yabb_se yabb_se

References

BugTraq: 6663

URL: http://www.yabbse.org/community/index.php?board=9;action=display;threadid=17919 http://www.securiteam.com/securitynews/5DP0N0K8UA.html http://seclists.org/lists/bugtraq/2003/Jan/0189.html

Short Name

HTTP:PHP:YABBSE-PKG-EXEC

Severity

Major

Recommended

False

Recommended Action

Drop

HTTP: YabbSE Packages.php Code Execution

Extended Description

Affected Products

References

Found a potential security threat?