AOH :: HP Unsorted Nums :: BU-1069.HTM

40 vulnerabilities in SMF 1.1.10/SMF 2.0RC2 by elhacker.net (Simple Audit)



40 vulnerabilities in SMF 1.1.10/SMF 2.0RC2 by elhacker.net (Simple Audit)
40 vulnerabilities in SMF 1.1.10/SMF 2.0RC2 by elhacker.net (Simple Audit)



This is the first batch of vulnerabilities found by the SimpleAudit team from elhacker.net
http://labs.elhacker.net/simpleaudit 
 
Our goal is to evaluate the security of SMF 2.0 before using it on our own server, and we have found several security vulnerabilities.
 
The vulnerabilities that also apply to SMF 1.1.10 were fixed by the SMF team today, on SMF 1.1.11 visit simplemachines.org for details.
 
You can review the list of the published vulnerabilities in:
http://code.google.com/p/smf2-review/issues/list 
 
 
 
CSRF, RCE PHP Remote Code Execution SMF2 www.kernel32 
CSRF CSRF theme change SMF2, SMF1 www.kernel32 
CSRF Subforum Category Collapse CSRF SMF2, SMF1 www.kernel32 
CSRF CSRF en el gestor de servidores de paquetes SMF2, SMF1 www.kernel32 
XSS XSS in package server manager SMF2, SMF1 www.kernel32 
CSRF CSRF package deletion and installed package disclosure SMF2 www.kernel32 
CSRF, XSS Attached files configuration CSRF SMF2 www.kernel32 
  XSS   XSS in "Enable basic HTML in posts" SMF2 sirdarckcat   
  RFD   Remote File Disclosure (solo en logs, y similares) SMF2 sirdarckcat   
  CSRF   CSRF en Moderation Preferences SMF2 sirdarckcat   
  XSS   XSS en el censurador de palabras SMF2, SMF1 sirdarckcat   
  CSRF   CSRF in Polls SMF2, SMF1 sirdarckcat   
  XSS   installer XSS SMF2 brlvldvlsmrtnz   
  XSS   XSS in the installer (install.php) SMF2 cicatriz.r00t   
  CSRF   CSRF in the message rule manager SMF2 cicatriz.r00t   
  XSS   XSS in smileys manager SMF2 cicatriz.r00t   
XSS Error log XSS SMF2 www.kernel32 
CSRF Arbitrary package deinstalation CSRF SMF2 www.kernel32 
XSS User search XSS SMF2 www.kernel32 
  XSS   language manager CSRF+XSS SMF2 cicatriz.r00t   
  XSS   XSS in forum name SMF2 ysk.sft   
  XSS   XSS in logo. SMF2 cicatriz.r00t   
  CSRF, XSS   CSRF in the posts settings SMF2 brlvldvlsmrtnz   
  XSS   Language search XSS SMF2 brlvldvlsmrtnz   
  XSS   XSS in theme name of themes and layout settings. SMF2 brlvldvlsmrtnz   
  XSS   XSS in member options with theme name SMF2 brlvldvlsmrtnz   
  XSS   XSS in theme url and settings SMF2 brlvldvlsmrtnz   
  XSS   XSS in modify themes with theme names SMF2 brlvldvlsmrtnz   
  XSS, CSRF   XSS in package manager / options SMF2 cicatriz.r00t   
  CSRF   CSRF permite darle permisos a los usuarios normales para modificar permisos del foro SMF2 ysk.sft   
  CSRF   CSRF join 2 topics . SMF2 ysk.sft   
  CSRF   CSRF permite borrar una encuesta SMF2 ysk.sft   
  CSRF   CSRF permite elevar privilegios de usuarios normales para modificar los smileys SMF2 ysk.sft   
DoS RSS DoS SMF2, SMF1 www.kernel32 
CSRF Session token stealling SMF2, SMF1 www.kernel32 
  ----   ReDoS en htmltrim SMF2 sirdarckcat   
  DoS   Forum access DoS SMF2 sirdarckcat   
  XSS   XSS en la subida de archivos. SMF2 ysk.sft   
  CSRF   Message rule CSRF SMF2 brlvldvlsmrtnz   
CSRF Steal session token SMF2, SMF1 www.kernel32 


The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.