Intrusion Prevention

PHPBB.RegisterGlobals.Deregistration.Bypass

Description

This indicates a possible attempt to exploit a buffer overflow vulnerability in phpBB, which malicious users can exploit to conduct cross-site scripting and SQL injection attacks, bypass certain security restrictions, and compromise a vulnerable system.
The vulnerability is due to errors in which global variables defined by the user are not properly unset. This can be exploited in combination with certain input validation errors to execute arbitrary HTML and script code in a user's browser session in the context of an affected site, manipulate SQL queries by injecting arbitrary SQL code, and inject and execute arbitrary PHP code. Successful exploitation requires that register_globals is enabled and that the server runs PHP 5.
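
The two preconditions named above (register_globals enabled, server running PHP 5) can be checked from a host's configuration text. The following is an added example, not part of the original advisory or any vendor code; the function names and sample configuration strings are constructed, and the handling of Apache `php_flag` / `php_admin_flag` overrides goes beyond what the text states.

```python
import re

TRUE_VALUES = {"1", "on", "true", "yes"}  # values PHP's INI parser reads as boolean true

# php.ini style:            register_globals = On
INI_RE = re.compile(r'^\s*register_globals\s*=\s*"?([^\s";]+)', re.I)
# Apache / .htaccess style: php_flag register_globals on
APACHE_RE = re.compile(
    r'^\s*php_(admin_)?(?:flag|value)\s+register_globals\s+"?([^\s"]+)', re.I)


def effective_register_globals(config_texts):
    """Resolve register_globals across config texts ordered from least to most
    specific (php.ini, Apache vhost, .htaccess). Returns True if enabled."""
    enabled = False  # PHP's built-in default is Off
    locked = False   # php_admin_* values cannot be overridden by .htaccess
    for text in config_texts:
        for line in text.splitlines():
            if line.lstrip().startswith((";", "#")):
                continue  # skip INI and Apache comment lines
            ini = INI_RE.match(line)
            apache = APACHE_RE.match(line)
            if apache and apache.group(1):      # php_admin_flag / php_admin_value
                enabled = apache.group(2).lower() in TRUE_VALUES
                locked = True
            elif (ini or apache) and not locked:
                value = ini.group(1) if ini else apache.group(2)
                enabled = value.lower() in TRUE_VALUES
    return enabled


def exploitation_preconditions_met(php_version, config_texts):
    """True only when both conditions from the advisory hold:
    the server runs PHP 5 and register_globals is effectively enabled."""
    major = int(php_version.split(".")[0])
    return major == 5 and effective_register_globals(config_texts)


# Constructed sample configuration, for illustration only.
PHP_INI = "; main php.ini\nregister_globals = Off\n"
VHOST_LOCKED = "php_admin_flag register_globals off\n"
HTACCESS = "# forum directory\nphp_flag register_globals on\n"

if __name__ == "__main__":
    print(exploitation_preconditions_met("5.0.5", [PHP_INI, HTACCESS]))
    print(exploitation_preconditions_met("5.0.5", [PHP_INI, VHOST_LOCKED, HTACCESS]))
```

A per-directory override is the case worth checking: a php.ini that sets the directive to Off does not rule out exposure if an .htaccess file in the forum directory turns it back on.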

Affected Products

phpBB version 2.0.17 and prior.

Impact

Compromise of the affected system.

Recommended Actions

Apply the appropriate patch from the vendor, if available.
