Security vulnerability in YaBB forum software
Security services provider iDefense has reported a vulnerability in the Yet another Bulletin Board (YaBB) forum software. The scripts for registering a user and for changing a user's profile fail to check some user-provided entries correctly. As a result, an attacker can gain administrator access to YaBB forums without a valid login and, for example, modify templates, through which commands can be issued that are then executed with the web server's privileges.
The developers have not yet released a new version of the software, but have developed a patch. They recommend incorporating the patch into the YaBB source code using the BoardMod application and then overwriting the affected register.pl and profile.pl files on the server. Experienced users can also incorporate the patch by hand. Administrators should install the patch as soon as possible to avoid the risk of their forum being defaced or the web server being compromised.
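The advisory title names the bug class as CRLF injection into member.vars, which is why an unchecked profile field matters when records are stored one key per line. The following is an added illustration, not YaBB's code: the record format, the field names and the "position" field are assumptions, and the check shown is the kind of input validation the patch is meant to add.

```python
# Added example (not YaBB's own code). Shows how an unchecked CR/LF in a
# user-supplied profile field can append extra lines to a line-oriented
# "key=value" record, and the input check that closes that hole.
# Record layout and field names below are assumptions for illustration.
import re

# Constructed sample record: one "key=value" field per line.
MEMBER_RECORD = "username=alice\nposition=member\nsignature=hi\n"

CONTROL_CHARS = re.compile(r"[\r\n]")


def parse_record(text: str) -> dict:
    """Parse a line-oriented record; a later duplicate key overrides an earlier one."""
    fields = {}
    for line in text.splitlines():
        if "=" in line:
            key, _, value = line.partition("=")
            fields[key] = value
    return fields


def update_field_unchecked(record: str, key: str, value: str) -> str:
    """Vulnerable pattern: the value is written back without any check, so a
    value containing a newline becomes additional record lines."""
    fields = parse_record(record)
    fields[key] = value
    return "".join(f"{k}={v}\n" for k, v in fields.items())


def is_safe_field_value(value: str) -> bool:
    """Hardened check: reject any value that could start a new record line."""
    return CONTROL_CHARS.search(value) is None


def update_field_checked(record: str, key: str, value: str) -> str:
    """Same update, but refuses values that would break the record structure."""
    if not is_safe_field_value(value):
        raise ValueError("CR/LF not allowed in a profile field")
    return update_field_unchecked(record, key, value)


if __name__ == "__main__":
    tampered = update_field_unchecked(MEMBER_RECORD, "signature", "hi\nposition=admin")
    print(parse_record(tampered)["position"])  # the injected line now wins
```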
- Security Vulnerability in YaBB 2.1 - Patch, YaBB team member announcing the patch
- YaBB Forum member.vars CRLF Injection Privilege Escalation Vulnerability, security advisory from iDefense
- Download BoardMod