Signature Detail
Short Name |
HTTP:PHP:VBULLETIN-CODE-EXEC |
|---|---|
Severity |
Medium |
Recommended |
No |
Category |
HTTP |
Keywords |
vBulletin PHP Code Execution |
Release Date |
2005/03/02 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: vBulletin PHP Code Execution
This signature detect an attack against the vbulletin Web application. Successful exploitation of this vulnerability can lead to an arbitrary code execution within the context of the Web server.
Extended Description
vBulletin is reported prone to an arbitrary PHP script code execution vulnerability. The issue is reported to exist due to a lack of sufficient input sanitization performed on user-supplied data before this data is included in a dynamically generated script. This vulnerability is reported to affect vBulletin board versions up to and including 3.0.6 that are configured with 'Add Template Name in HTML Comments' functionality enabled.
Affected Products
- VBulletin 1.0.1 lite
- VBulletin 2.0.0 rc 2
- VBulletin 2.0.0 rc 3
- VBulletin 2.0.3
- VBulletin 2.2.0 .0
- VBulletin 2.2.1
- VBulletin 2.2.2
- VBulletin 2.2.3
- VBulletin 2.2.4
- VBulletin 2.2.5
- VBulletin 2.2.6
- VBulletin 2.2.7
- VBulletin 2.2.8
- VBulletin 2.2.9
- VBulletin 2.3.0 .0
- VBulletin 2.3.2
- VBulletin 2.3.3
- VBulletin 2.3.4
- VBulletin 3.0.0
- VBulletin 3.0.0 Beta 2
- VBulletin 3.0.0 Beta 3
- VBulletin 3.0.0 Beta 4
- VBulletin 3.0.0 Beta 5
- VBulletin 3.0.0 Beta 6
- VBulletin 3.0.0 Beta 7
- VBulletin 3.0.0 Gamma
- VBulletin 3.0.1
- VBulletin 3.0.2
- VBulletin 3.0.3
- VBulletin 3.0.4
- VBulletin 3.0.5
- VBulletin 3.0.6
References
- BugTraq: 12622
- CVE: CVE-2005-0511
- URL: http://www.milw0rm.com/id.php?id=832
- URL: http://www.vbulletin.com/forum/showthread.php?t=130591