FunkBoard profile.php unauthorized password modification
| funkboard-profile-password-modification (26912) |  Medium Risk |
Description:
FunkBoard could allow a remote attacker to perform unauthorized password changes. An attacker could send a specially-crafted HTTP POST request to the profile.php script, which could allow an attacker to change any known user's password, including the administrator password, which could allow the attacker to gain unauthorized access to the application.
Platforms Affected:
- FunkBoard, FunkBoard CFO.71
Remedy:
Refer to the FunkBoard Web site for patch information. See References.
Consequences:
Bypass Security
References:
- FunkBoard Web site, What is FunkBoard CF at http://www.funkboard.co.uk/whatitdoes.htm.
- CVE-2006-2896: profile.php in FunkBoard CF0.71 allows remote attackers to change arbitrary passwords via a modified uid hidden form field in an Edit Profile action.
- SA20433: FunkBoard Authentication Bypass and Cross-Site Scripting
- VUPEN/ADV-2006-2158: FunkBoard Remote Authentication Bypass and Cross Site Scripting Vulnerabilities
Reported:
Jun 04, 2006
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net