Signature Detail

HTTP: phpBB Avatar_Path PHP Code Execution

This signature detects attempts to exploit a known vulnerability against phpBB 2.0.18-2.0.21. Attackers can create a malformed request that includes a local path in the Avatar_Path parameters and upload and execute PHP code of choice with the privileges' of the Web server process.

Extended Description

The phpBB application is prone to an arbitrary PHP code-execution vulnerability. If successful, attackers can execute script code with the privileges of the webserver process.

Affected Products

• Debian Linux 3.1.0
• Debian Linux 3.1.0 Alpha
• Debian Linux 3.1.0 Amd64
• Debian Linux 3.1.0 Arm
• Debian Linux 3.1.0 Hppa
• Debian Linux 3.1.0 Ia-32
• Debian Linux 3.1.0 Ia-64
• Debian Linux 3.1.0 M68k
• Debian Linux 3.1.0 Mips
• Debian Linux 3.1.0 Mipsel
• Debian Linux 3.1.0 Ppc
• Debian Linux 3.1.0 S/390
• Debian Linux 3.1.0 Sparc
• Debian Linux 4.0
• Debian Linux 4.0 Alpha
• Debian Linux 4.0 Amd64
• Debian Linux 4.0 Arm
• Debian Linux 4.0 Hppa
• Debian Linux 4.0 Ia-32
• Debian Linux 4.0 Ia-64
• Debian Linux 4.0 M68k
• Debian Linux 4.0 Mips
• Debian Linux 4.0 Mipsel
• Debian Linux 4.0 Powerpc
• Debian Linux 4.0 S/390
• Debian Linux 4.0 Sparc
• phpBB Group phpBB 2.0.13
• phpBB Group phpBB 2.0.18
• phpBB Group phpBB 2.0.20
• phpBB Group phpBB 2.0.21

References

• BugTraq: 20347
• CVE: CVE-2006-4758
• URL: https://alerts.symantec.com/loaddocument.aspx?GUID=7b963cde-58bc-466c-b2a9-f247873e1a87
• URL: http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=489624