YaBB.cgi vulnerability

by Nikola Strahija on June 22nd, 2002

problem: Cross-Site Scripting
affected: YaBB 1 Gold SP1 and earlier versions
explanation: When accessing a thread that doesn't exist, YaBB will give an error about the board not existing. Example: http://some.site.com/cgi-bin/YaBB/YaBB.cgi?board=BOARD&action=display&num=NULL


This will trigger an error in the CGI script and output the
following:
This topic doesn't exist on this board. NULL : 96.

The problem here should be fairly obvious. By crafting
JavaScript code in place of NULL, a malicious user can trick
someone into running the code of their choice, since YaBB
doesn't filter user input/script output.
risk: Due to the simplicity of the attack and the number of sites
that run YaBB, the risk is classified as Medium to High.
status: Vendor was notified 05/14/02.
exploit: http://some.site.com/cgi-bin/YaBB/YaBB.cgi?board=BOARD&action=display&num=alert()
fix: Upgrade to a newer version of YaBB

+-------- -- -
+ credits
+----- -- -
Bug was found by methodic of AngryPacket security group.
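
The following is an added example, not part of the original advisory and not YaBB's own code. It shows the two defensive points the explanation implies: HTML-encoding the `num` value before it is echoed in the error text, and flagging access-log requests to `YaBB.cgi` whose `num` is not numeric. The digits-only rule for thread ids, the function names and the log lines are assumptions constructed for illustration.

```python
import html
import re
from urllib.parse import urlsplit, parse_qs

NUM_OK = re.compile(r"\d+")  # assumption: legitimate thread ids are digits only

def render_missing_topic(num: str) -> str:
    """Build the error text with the echoed value HTML-encoded."""
    return "This topic doesn't exist on this board. " + html.escape(num, quote=True)

def suspicious_display_requests(log_lines):
    """Return (client, decoded num) for YaBB.cgi display requests with a non-numeric num."""
    hits = []
    for line in log_lines:
        m = re.search(r'^(\S+) .*?"(?:GET|POST) (\S+) HTTP', line)
        if not m:
            continue
        client, target = m.groups()
        url = urlsplit(target)
        if not url.path.endswith("/YaBB.cgi"):
            continue
        params = parse_qs(url.query, keep_blank_values=True)  # percent-decodes values
        if params.get("action", [""])[0] != "display":
            continue
        for num in params.get("num", []):
            if not NUM_OK.fullmatch(num):
                hits.append((client, num))
    return hits

# Constructed sample access-log lines (Common Log Format), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [22/Jun/2002:10:00:01 +0000] "GET /cgi-bin/YaBB/YaBB.cgi?board=BOARD&action=display&num=1024500000 HTTP/1.0" 200 5120',
    '192.0.2.11 - - [22/Jun/2002:10:00:05 +0000] "GET /cgi-bin/YaBB/YaBB.cgi?board=BOARD&action=display&num=%3Cb%3Ex%3C%2Fb%3E HTTP/1.0" 200 812',
    '192.0.2.12 - - [22/Jun/2002:10:00:09 +0000] "GET /cgi-bin/YaBB/YaBB.cgi?board=BOARD&action=display&num=NULL HTTP/1.0" 200 790',
    '192.0.2.13 - - [22/Jun/2002:10:00:12 +0000] "GET /index.html?num=%3Cb%3E HTTP/1.0" 200 300',
]

if __name__ == "__main__":
    for client, num in suspicious_display_requests(SAMPLE_LOG):
        print(client, repr(num), "->", render_missing_topic(num))
```

A request for a nonexistent but numeric thread id is not flagged; only values that could not be a thread id under the stated assumption are reported.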

