I'm neither a coder nor a security expert, but it seems to me that PNphpbb (the phpBB forum for Postnuke) has this problem as well. The viewtopic.php in PNphpbb contains the exact same codeblock as is show in the topic listed below. Is it safe to assume that the posted fix will work on PNphpbb as well, since the codeblock is the same? Thanks, Ron Brinker -----Original Message----- From: Paul S. Owen [mailto:paul0x01@xxxxxxxxxxxxxx] Sent: Thursday, November 18, 2004 7:34 AM To: bugtraq@xxxxxxxxxxxxxxxxx Subject: EXEC exploit in phpBB - fix Following additional information supplied to us by a party other than "howdark.com" we can confirm the existence of a serious exploit in phpBB, in all versions below 2.0.11. We will not post concept of proof information given the seriousness of this issue. Unfortunately howdark.com group have chosen to as a personal vendetta against phpbb.com. We are preparing full, changed files and patch based releases which fix this issue (and several other bugs/issues). While we are testing this we urge all phpBB users to implement the fix given in the following announcement at phpbb.com: http://www.phpbb.com/phpBB/viewtopic.php?t=240513 Please spread this information far and wide, all hosting providers if possible please inform your users. Anyone copying the howdark.com exploit _please_ ensure you also include details of the fix noted in the above post! PS: Thanks to the bugtraq moderators for moderating out a previous post of mine, ta muchly for that :)
