MyBB Community Forums

Full Version: MyBB Calendar PHP Error
[Image: zLCx8cF.png]
I wasn't aware there was a year called 0000
URL: https://community.mybb.com/calendar.php?...8888999999
Screenshots:
[Image: lEWkU0V.png]
[Image: GqNKs5W.png]
[Image: 3vcXm5n.png]

Description: A specially crafted URL "calendar.php?action=dayview&calendar=1&year=-2147483649&month=11&day=4" will either time out, display a PHP error disclosing the file system path, or, if PHP errors are disabled (such as on mybb.com), will simply display a blank screen.
I've merged your two calendar threads together too, as both are about similar issues in the calendar system related to input checking.
Hi,

Thank you for your report. We have pushed this issue to our Github repository for further analysis where you can track our commits and progress with fixing this bug. Discussions regarding this bug may also take place there too.

Follow this link to visit the issue on Github: https://github.com/mybb/mybb/issues/2854

Thanks for contributing to MyBB!

Regards,
The MyBB Group
(2017-10-01, 09:41 PM) Euan T wrote: I've merged your two calendar threads together too, as both are about similar issues in the calendar system related to input checking.

One causes display issues - other causes excessive CPU usage (remind me and I’ll post stats) and is probably a Denial Of Service Attack Vector. At this point they’re merged but keep in mind I think they are very separate issues.
The root cause and the fix are basically the same, hence the merge. The issue in both cases is caused by a lack of input validation.
(2017-10-02, 07:46 AM) Euan T wrote: The root cause and the fix are basically the same, hence the merge. The issue in both cases is caused by a lack of input validation.

Less requests per second for a quick & easy DDoS ;)
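
Added example, not part of the thread and not MyBB's code: one way to validate the `year`, `month` and `day` query parameters discussed above before they reach any date arithmetic, so out-of-range values are rejected up front. The function names and the year bounds are assumptions chosen for illustration.

```php
<?php
// Added illustration; not MyBB's code. The year bounds are assumed values.
const MIN_YEAR = 1901;
const MAX_YEAR = 2037;

// Parse one query-string value as an unsigned base-10 integer in [$min, $max].
// Returns null for anything else: arrays, signs, empty or over-long strings.
function parse_int_param($raw, int $min, int $max): ?int
{
    // At most four digits, so the cast below cannot overflow on any platform.
    if (!is_string($raw) || preg_match('/\A\d{1,4}\z/', $raw) !== 1) {
        return null;
    }
    $value = (int) $raw;
    return ($value >= $min && $value <= $max) ? $value : null;
}

// Returns a validated date array, or null if any part is missing or invalid.
function parse_calendar_date(array $query): ?array
{
    $year  = parse_int_param($query['year'] ?? null, MIN_YEAR, MAX_YEAR);
    $month = parse_int_param($query['month'] ?? null, 1, 12);
    $day   = parse_int_param($query['day'] ?? null, 1, 31);
    if ($year === null || $month === null || $day === null) {
        return null;
    }
    // checkdate() rejects impossible combinations such as 31 February.
    if (!checkdate($month, $day, $year)) {
        return null;
    }
    return ['year' => $year, 'month' => $month, 'day' => $day];
}

// Constructed sample inputs; the second uses the date values from the report.
$samples = [
    'year=2017&month=11&day=4',
    'year=-2147483649&month=11&day=4',
    'year=2017&month=2&day=31',
    'year[]=2017&month=11&day=4',
];
foreach ($samples as $qs) {
    parse_str($qs, $query);
    $date = parse_calendar_date($query);
    echo $qs, ' => ', $date === null ? 'rejected' : 'accepted', PHP_EOL;
}
```

A caller would answer a `null` result with a generic error page, which avoids both the long-running request and the PHP error that discloses the file system path.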