MyBB Community Forums
Potential Exploit - Printable Version

+- MyBB Community Forums (https://community.mybb.com)
+-- Forum: Community Archive (https://community.mybb.com/forum-106.html)
+--- Forum: Archived Forums (https://community.mybb.com/forum-143.html)
+---- Forum: Archived Development and Support (https://community.mybb.com/forum-155.html)
+----- Forum: MyBB 1.2 Series (https://community.mybb.com/forum-3.html)
+------ Forum: MyBB 1.2 General Support (https://community.mybb.com/forum-4.html)
+------ Thread: Potential Exploit (/thread-9717.html)

Pages: 1 2


Potential Exploit - UtopiaSoft - 2006-06-14

I run a MyBB forum and I just saw today that there is a registered user by the name of

'.system(getenv(HTTP_J)).'

I'm wondering a few things.

Is there a known exploit involving this?
I was running 1.1.2 at the time. Just up'd to 1.1.3. Because I was running the old version, was the exploit successful? I can't tell if anything is wrong.
Has this been fixed?


RE: Potential Exploit - vikramdhani - 2006-06-14

read this thread ok
http://community.mybboard.net/showthread.php?tid=9699


RE: Potential Exploit - nekng - 2006-06-14

you can also look at http://community.mybboard.net/showthread.php?tid=9677


RE: Potential Exploit - UtopiaSoft - 2006-06-14

Alright, so 1.1.3 is officially safe from the exploit. Some people have also said 1.1.2 was safe as well...is this pretty much the general sentiment?

Forgive the paranoia, but I used to run an Invision Board and it was completely compromised twice.


RE: Potential Exploit - Dennis Tsang - 2006-06-14

1.1.2 is vulnerable from this exploit. 1.1.3 fixes this bug.


RE: Potential Exploit - silverwing - 2006-06-14

i've had two users sign up with the .system username, and absolutely nothing happened. (and I'm still on 1.1.2).

So yes, you're safe from that idiot. (And hopefully the next idoit... and the next...._


RE: Potential Exploit - Dennis Tsang - 2006-06-14

No you're not. As I said previously, this exploit is confirmed in 1.1.2, and it is advised that all MyBB users upgrade to 1.1.3 to patch this security vulnerability.

If you refuse to believe me, then that is your decision, but please do not spread false truths that may hamper the security of another's board.


RE: Potential Exploit - silverwing - 2006-06-14

It's what I said: two users signed up with .system. Nothing happened.

But I just spent the whole effen 30 seconds it took to upgrade.


RE: Potential Exploit - Dennis Tsang - 2006-06-14

silverwing Wrote:It's what I said: two users signed up with .system. Nothing happened.

But I just spent the whole effen 30 seconds it took to upgrade.

Nothing happened to you, but the malacious user will be able to execute arbitrary PHP code, which you will not notice at all.


RE: Potential Exploit - silverwing - 2006-06-14

you're right, DennisTT. my appologies. I shouldn't have posted that, not knowing what was going on behind the scenes.

And upgrading the three files in the 1.1.3 changed files download took only 30 seconds. (Best upgrade of any cms i've used!)

silverwing