MBoard Orig_ID Input Validation Vulnerability
BID:21304
Info
MBoard Orig_ID Input Validation Vulnerability
| Bugtraq ID: | 21304 |
| Class: | Input Validation Error |
| CVE: |
CVE-2006-6262 |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 27 2006 12:00AM |
| Updated: | Jul 06 2016 02:40PM |
| Credit: | Mayhemic Labs Security is credited with the discovery of this issue. |
| Vulnerable: |
Klemen Stirn MBoard 1.22 |
| Not Vulnerable: |
Klemen Stirn MBoard 1.3 |
Discussion
MBoard Orig_ID Input Validation Vulnerability
MBoard is prone to an input-validation vulnerability because it fails to sanitize user-supplied input.
Attackers could exploit this issue to write blank files with the permissions of the application.
Versions prior to 1.3 are vulnerable.
MBoard is prone to an input-validation vulnerability because it fails to sanitize user-supplied input.
Attackers could exploit this issue to write blank files with the permissions of the application.
Versions prior to 1.3 are vulnerable.
Exploit / POC
MBoard Orig_ID Input Validation Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
MBoard Orig_ID Input Validation Vulnerability
Solution:
The vendor has released version 1.3 to address this issue. Please see the references for more information.
Klemen Stirn MBoard 1.22
Solution:
The vendor has released version 1.3 to address this issue. Please see the references for more information.
Klemen Stirn MBoard 1.22
-
Klemen Stirn MBoard 1.3
http://www.phpjunkyard.com/download.php?script=mboard
References
MBoard Orig_ID Input Validation Vulnerability
References:
References:
- MBoard Homepage (Klemen Stirn)
- MHL-2006-003 Public Advisory: "mboard" file creation issue (Mayhemic Labs Security)