[22187] in bugtraq
Re: Easily and Remotely Pipe a Covert Shell on phpBB version 1.4.0 and below
daemon@ATHENA.MIT.EDU (Joao Gouveia)
Fri Aug 10 12:26:44 2001
Message-ID: <001501c121b1$57c152e0$4801290a@crunch2>
From: "Joao Gouveia" <jgouveia@accao.net>
To: <kill-9@modernhackers.com>, <bugtraq@securityfocus.com>
Date: Fri, 10 Aug 2001 16:30:10 +0100
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
This has been reported to phpBB staff on May 16, and forwared to Bugtraq by
me some days ago.
----- Original Message -----
From: <kill-9@modernhackers.com>
To: <bugtraq@securityfocus.com>
Sent: Friday, August 10, 2001 8:20 AM
Subject: Easily and Remotely Pipe a Covert Shell on phpBB version 1.4.0 and
below
> note to editors: please leave all links intact.
> ###########################################
> ########
> Easily and Remotely Pipe a Covert Shell on phpBB
> version 1.4.0 and below
>
> found and written by: kill-9@modernhacker.com
> http://www.modernhacker.com
(...)
> Note: phpBB team has known about this vulnerability
> and failed to alert the public. Their acknoledgement is
> seen in the 1.4.1 source code comments.
See my other post.
> ###########################################
> ########
>
Regards,
Joao Gouveia
--------------
