
PHPBB2 Install.PHP Remote File Include Vulnerability

by Nikola Strahija on June 20th, 2002

A problem has been discovered in phpBB2 that may enable an attacker to include an arbitrary attacker-supplied file located on a remote host. An attacker may exploit this issue by supplying the location of a remote file as the value of the 'phpbb_root_path' URL parameter.


If the remote file is a PHP script, this may allow commands to be executed remotely with the privileges of the webserver. This is especially a concern for hosts running Microsoft Windows operating systems, as webservers are generally run with SYSTEM privileges on these platforms.

Remote: Yes

Exploit: No

Solution: Reportedly, exploitation of this type of vulnerability is not possible unless both 'allow_url_fopen' and 'register_globals' are enabled in the local site PHP configuration.

It is good practice to disable any unneeded options.

The installation document distributed with phpBB instructs users to delete 'install.php', 'upgrade.php' and 'update_to_FINAL.php' files.
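An audit of the mitigations described above, added here as an example (it is not code from the advisory or from phpBB): it reads a php.ini for the two directives and checks a board directory for the three installer scripts. The function names, finding strings and sample php.ini are constructed for illustration.

```python
import os
import re
import tempfile

# File names the phpBB installation document says to delete (from the advisory).
LEFTOVER_SCRIPTS = ("install.php", "upgrade.php", "update_to_FINAL.php")
# The two php.ini directives the advisory names as preconditions.
RISKY_DIRECTIVES = ("allow_url_fopen", "register_globals")
TRUTHY = {"1", "on", "yes", "true"}
# Constructed sample php.ini, not taken from any real host.
SAMPLE_INI = "[PHP]\nregister_globals = On ; legacy app\nallow_url_fopen = On\n"


def parse_php_ini(text):
    """Return {directive: bool} for the directives explicitly set; last one wins."""
    settings = {}
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()  # drop ';' comments
        m = re.match(r"([\w.]+)\s*=\s*(.*)$", line)  # section headers do not match
        if m and m.group(1) in RISKY_DIRECTIVES:  # directive names are case-sensitive
            value = m.group(2).strip().strip("\"'").lower()
            settings[m.group(1)] = value in TRUTHY
    return settings


def audit(php_ini_text, board_dir):
    """Return a list of findings for one php.ini and one phpBB directory."""
    settings = parse_php_ini(php_ini_text)
    findings = []
    for name in RISKY_DIRECTIVES:
        if name not in settings:
            findings.append(f"{name}: not set in this file, PHP's built-in default applies")
        elif settings[name]:
            findings.append(f"{name}: enabled")
    if all(settings.get(n) for n in RISKY_DIRECTIVES):
        findings.append("both preconditions named in the advisory are enabled")
    # Compare case-insensitively so Install.PHP on a Windows host is still caught.
    present = {n.lower() for n in os.listdir(board_dir)}
    for script in LEFTOVER_SCRIPTS:
        if script.lower() in present:
            findings.append(f"{script}: still present, delete it")
    return findings


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as board:  # constructed stand-in for a board directory
        open(os.path.join(board, "install.php"), "w").close()
        for finding in audit(SAMPLE_INI, board):
            print(finding)
```

An empty list from `audit` means both directives are explicitly disabled in that php.ini and none of the three scripts remain in the directory.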

Vulnerable:

phpBB Group phpBB 2.0.0
phpBB Group phpBB 2.0 RC4
phpBB Group phpBB 2.0 RC3
phpBB Group phpBB 2.0 RC2
phpBB Group phpBB 2.0 RC1
phpBB Group phpBB 2.0.1

