Secunia Security Advisory - A vulnerability has been discovered in Simple Machines Forum, which can be exploited by malicious people to conduct cross-site request forgery attacks and by malicious users to compromise a vulnerable system.
ab3325e280f444087ade3c3ac3e21c9e345ca478bac0b1dee98bbffb1d417406
----------------------------------------------------------------------
Do you need accurate and reliable IDS / IPS / AV detection rules?
Get in-depth vulnerability details:
http://secunia.com/binary_analysis/sample_analysis/
----------------------------------------------------------------------
TITLE:
Simple Machines Forum Cross-Site Request Forgery Vulnerability
SECUNIA ADVISORY ID:
SA32516
VERIFY ADVISORY:
http://secunia.com/advisories/32516/
CRITICAL:
Moderately critical
IMPACT:
Cross Site Scripting, System access
WHERE:
>From remote
SOFTWARE:
Simple Machines Forum 1.x
http://secunia.com/advisories/product/5285/
DESCRIPTION:
A vulnerability has been discovered in Simple Machines Forum, which
can be exploited by malicious people to conduct cross-site request
forgery attacks and by malicious users to compromise a vulnerable
system.
The application allows users to perform certain actions via HTTP
requests without performing any validity checks to verify the
request. This can be exploited to e.g. perform certain administrative
actions when a logged-in user visits a malicious site.
Successful exploitation allows e.g. to install arbitrary packages and
execute arbitrary PHP code, but requires a valid user account to
upload a package file as an attachment.
The vulnerability is confirmed in version 1.1.6. Other versions may
also be affected.
SOLUTION:
Disable the usage of attachments. Grant only trusted users access to
the application.
PROVIDED AND/OR DISCOVERED BY:
Charles FOL
ORIGINAL ADVISORY:
http://milw0rm.com/exploits/6993
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------