MyBB Community Forums Community Archive Archived Forums Archived Development and Support MyBB 1.2 Series MyBB 1.2 General Support v
Potential Exploit

Threaded Mode
Potential Exploit
UtopiaSoft Offline
Posts: 10
Threads: 2
Joined: Jun 2006
Reputation: 0
#1
2006-06-14, 03:05 AM
I run a MyBB forum and I just saw today that there is a registered user by the name of

'.system(getenv(HTTP_J)).'

I'm wondering a few things.

Is there a known exploit involving this?
I was running 1.1.2 at the time. Just up'd to 1.1.3. Because I was running the old version, was the exploit successful? I can't tell if anything is wrong.
Has this been fixed?
Find
vikramdhani Offline
Posts: 80
Threads: 31
Joined: Jun 2006
Reputation: 0
#2
2006-06-14, 03:08 AM
read this thread ok
http://community.mybboard.net/showthread.php?tid=9699
Find
nekng Offline
Posts: 308
Threads: 28
Joined: Feb 2006
Reputation: 1
#3
2006-06-14, 03:09 AM
you can also look at http://community.mybboard.net/showthread.php?tid=9677
[Image: DmyPd.jpg]
{add game TAR - mod} {MYBB YellowCP - theme}
Website Find
UtopiaSoft Offline
Posts: 10
Threads: 2
Joined: Jun 2006
Reputation: 0
#4
2006-06-14, 03:12 AM (This post was last modified: 2006-06-14, 03:12 AM by UtopiaSoft.)
Alright, so 1.1.3 is officially safe from the exploit. Some people have also said 1.1.2 was safe as well...is this pretty much the general sentiment?

Forgive the paranoia, but I used to run an Invision Board and it was completely compromised twice.
Find
Dennis Tsang Offline

Former Staff
Posts: 13,054
Threads: 304
Joined: Jun 2004
Reputation: 55
#5
2006-06-14, 04:35 AM
1.1.2 is vulnerable from this exploit. 1.1.3 fixes this bug.
Dennis Tsang
Former MyBB Team Member
Web: http://dennistt.net
Website Find
silverwing Offline
Posts: 80
Threads: 7
Joined: Mar 2006
Reputation: 0
#6
2006-06-14, 04:36 AM
i've had two users sign up with the .system username, and absolutely nothing happened. (and I'm still on 1.1.2).

So yes, you're safe from that idiot. (And hopefully the next idoit... and the next...._
Misguided Thoughts Weblog
[Image: misguided.gif]
Website Find
Dennis Tsang Offline

Former Staff
Posts: 13,054
Threads: 304
Joined: Jun 2004
Reputation: 55
#7
2006-06-14, 04:41 AM
No you're not. As I said previously, this exploit is confirmed in 1.1.2, and it is advised that all MyBB users upgrade to 1.1.3 to patch this security vulnerability.

If you refuse to believe me, then that is your decision, but please do not spread false truths that may hamper the security of another's board.
Dennis Tsang
Former MyBB Team Member
Web: http://dennistt.net
Website Find
silverwing Offline
Posts: 80
Threads: 7
Joined: Mar 2006
Reputation: 0
#8
2006-06-14, 04:47 AM
It's what I said: two users signed up with .system. Nothing happened.

But I just spent the whole effen 30 seconds it took to upgrade.
Misguided Thoughts Weblog
[Image: misguided.gif]
Website Find
Dennis Tsang Offline

Former Staff
Posts: 13,054
Threads: 304
Joined: Jun 2004
Reputation: 55
#9
2006-06-14, 04:56 AM
silverwing Wrote:It's what I said: two users signed up with .system. Nothing happened.

But I just spent the whole effen 30 seconds it took to upgrade.

Nothing happened to you, but the malacious user will be able to execute arbitrary PHP code, which you will not notice at all.
Dennis Tsang
Former MyBB Team Member
Web: http://dennistt.net
Website Find
silverwing Offline
Posts: 80
Threads: 7
Joined: Mar 2006
Reputation: 0
#10
2006-06-14, 05:27 AM (This post was last modified: 2006-06-14, 05:39 AM by silverwing.)
you're right, DennisTT. my appologies. I shouldn't have posted that, not knowing what was going on behind the scenes.

And upgrading the three files in the 1.1.3 changed files download took only 30 seconds. (Best upgrade of any cms i've used!)

silverwing
Misguided Thoughts Weblog
[Image: misguided.gif]
Website Find


Forum Jump:


Users browsing this thread: 1 Guest(s)