NTA Monitor

Latest News

IT Managers get to grips with Internet security issues

4th May 2010 According to NTA Monitor's 2010 Annual Security Report, the average number of Internet security vulnerabilities afflicting organisations has fallen.. Read More

Will IE6 be the next NT4?

1st October 2009 All penetration testers will remember the long tail of Windows NT 4.0, and how this operating system continued to be used long past the point when security updates stopped at the end of 2004. For many years the presence of an unpatchable NT4 server was a common issue in a penetration test report, and it is only now, almost five years after security support ended, that finding an NT4 system on a network is becoming a rare event. Read More

One in four web applications susceptible to high risk security flaws

7th September 2009 NTA Monitor has reported a 10% increase in the total number of web applications found to have at least one high-risk security issue... Read More

Organisations facing a changing threat landscape

20th July 2009 According to NTA Monitor's 2009 Annual Security Report, the average number of Internet security vulnerabilities is on the rise... Read More
Date: 30th December 2005
Risk: High

Some vulnerabilities have been reported in phpBB by the security firm Secunia, which can be exploited to conduct cross-site scripting and SQL injection attacks, bypass certain security restrictions and compromise a vulnerable system.

Details of the vulnerabilities:

  1. Some errors where global variables defined by the user are not properly unset can be exploited in combination with certain input validation errors to execute arbitrary HTML and script code in a user's browser session in context of an affected site. This can also be exploited to manipulate SQL queries by injecting arbitrary SQL code and inject and execute arbitrary PHP code.
    • Successful exploitation requires that "register_globals" is enabled and that the server runs PHP 5.
    • The vulnerabilities have been reported in version 2.0.17 and prior.
  2. An error in the removing of orphaned entries can be exploited by non moderators to delete shadow topic links.
    • Successful exploitation requires knowledge of the topic ID for a "shadow topic" entry.
  3. An error in the handling of logout requests can be exploited to logout users who views a malicious post containing an "img" BBcode tag referencing a specially crafted URL.

References

http://secunia.com/advisories/17366/ http://www.hardened-php.net/advisory_172005.75.html