[24063] in bugtraq
Re: Fairly serious vulnerability in vBulletin 2.2.0
daemon@ATHENA.MIT.EDU (Sam Sargeant)
Thu Jan 31 18:20:40 2002
Date: Fri, 1 Feb 2002 11:23:18 +1300
From: Sam Sargeant <sam@whackass.com>
To: HarryM <harrym@the-group.org>
Cc: bugtraq@securityfocus.com
Message-ID: <20020201112318.A17888@richie.whackass.com>
Mail-Followup-To: HarryM <harrym@the-group.org>,
bugtraq@securityfocus.com
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="J2SCkAp4GZ/dPZZf"
Content-Disposition: inline
In-Reply-To: <003201c1aa0e$53613c70$866895d9@artadesk>; from harrym@the-group.org on Thu, Jan 31, 2002 at 04:18:23AM -0000
--J2SCkAp4GZ/dPZZf
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Thu, Jan 31, 2002 at 04:18:23AM -0000, HarryM wrote:
> Solution:
> Ensure that $bbuserid, $bbpassword, and the rest of the cookied variables
> are coming from the cookie and not from GET or POST data, by using the
> $HTTP_COOKIE array.
Unfortunately, this is nothing more than a workaround too. It's trivial to
create your own cookie jar with the appropriate data.
--=20
Sam Sargeant <sam@whackass.com>=20
------------------------------------------------------------------------
"The whole problem with the world is that fools and fanatics are
always so certain of themselves, and wiser people so full of doubts."
- Bertrand Russell
--J2SCkAp4GZ/dPZZf
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE8WcPWafexJ0PANqgRAou2AJ9prYJZzq9mUC2lspc9MxoCHCTgBgCeLigh
rioARkKe80GfB2vAiYZuk3A=
=g5jM
-----END PGP SIGNATURE-----
--J2SCkAp4GZ/dPZZf--
