Info

Disclosure

Sep 17, 2005

Discovery

Jul 20, 2005

Dates

Exploit

Sep 17, 2005

Solution

Unknown

Description

vBulletin contains a flaw that may allow a malicious user to execute arbitrary commands. The issue is triggered when a remote authenticated attacker uploads a crafted file then directly requests it. Because the system does not fully validate file types or extensions, it will allow files with arbitrary commands to be uploaded and executed.

Classification

Location: Remote/Network Access Required
Attack Type: Misconfiguration
Impact: Loss of Integrity
Exploit: Exploit Available
OSVDB: Web Related

Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Products

Jelsoft Enterprises Limited

vBulletin

3.0.8

References

Secunia Advisory ID: 16873
Related OSVDB ID: 19534 19538 19544 19545 19546
CVE ID: 2005-3021 (see also: NVD)
ISS X-Force ID: 22325
Keyword: BuHa Security-Advisory #3
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-09/0224.html
Other Advisory URL: http://morph3us.org/advisories/20050917-vbulletin-3.0.8.txt
Vendor URL: http://vbulletin.com/
Vendor Specific News/Changelog Entry: http://www.vbulletin.com/forum/showthread.php?p=961409

Credit

Thomas Waldegger - bugtraqmorph3us.org -

Direct URL: http://osvdb.org/36218