Phorum violation.php3 Arbitrary Mail Relay Vulnerability

Vulnerability ID: 1105672
Vulnerability type: Input validation
Published: 2000-01-01
Updated: 2005-10-20
CVE ID: CVE-2000-1234
CNNVD ID: CNNVD-200012-204
Platform: PHP
CVSS score: 5.0
|Vulnerability Source
https://www.exploit-db.com/exploits/20587
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200012-204
|Vulnerability Details
Phorum is an open-source forum application based on PHP and MySQL, developed by the Phorum team. Phorum contains a vulnerability that allows a remote user to send arbitrary e-mail without any authentication. violation.php3 takes its parameters from the URL and, through the host's MTA, sends an e-mail to the address given in the Mod parameter; note, however, that this e-mail will contain the attacker's IP address (or proxy server IP) and FQDN. A malicious user could exploit this vulnerability to send spam or mail bombs, which could cause the web host's IP address to be added to spam-server blacklists.
|Exploit
source: http://www.securityfocus.com/bid/2272/info

Phorum is a freely available, open source package originally written by Brian Moon. The package is designed to add enhanced features to a web page, allowing users to interact through bulletin board style chat forums and discussions.

A problem with the Phorum package could allow remote users to arbitrarily relay email. Due to the way violation.php3 handles URLs as arguments, it is possible to create a custom crafted URL request to the script which will allow a remote user to send email through the host's MTA. This email will then be delivered to the specified person with the appearance of coming from the web host. This problem makes it possible for a user with malicious intentions to socially engineer, mailbomb, or spam from the web host, and potentially get the host blacklisted in one of such lists.

This vulnerability may be exploited by requesting a URL of:

http://some.host.com/[email protected]&ForumName=text_to_spam

Where [email protected] is the destination of the mail, and text_to_spam is the text to appear in the body of the mail.
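Because the recipient of the mail is taken from the Mod parameter of the request, the web server's access log is the natural place to detect abuse after the fact: every relayed message corresponds to one GET to violation.php3 with a Mod value the site never configured. The script below is an added example (not part of the advisory or of Phorum) that parses Apache combined-format log lines, classifies each violation.php3 request by whether its Mod value is one of the site's own moderator addresses, and flags source IPs that issue repeated unknown-recipient requests (a mail-bombing pattern). The log lines, the KNOWN_MODERATORS allowlist and the burst threshold are constructed assumptions.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines in Apache combined log format (not taken from the page).
SAMPLE_LOG = """\
203.0.113.7 - - [06/Jan/2000:10:15:01 +0000] "GET /phorum/violation.php3?Mod=victim%40example.net&ForumName=buy+now HTTP/1.0" 200 512 "-" "Mozilla/4.0"
203.0.113.7 - - [06/Jan/2000:10:15:02 +0000] "GET /phorum/violation.php3?Mod=victim%40example.net&ForumName=buy+now HTTP/1.0" 200 512 "-" "Mozilla/4.0"
198.51.100.3 - - [06/Jan/2000:10:16:10 +0000] "GET /phorum/list.php3?f=1 HTTP/1.0" 200 2048 "-" "Mozilla/4.0"
198.51.100.3 - - [06/Jan/2000:10:16:30 +0000] "GET /phorum/violation.php3?Mod=mod%40forum.example&ForumName=general HTTP/1.0" 200 300 "-" "Mozilla/4.0"
"""

# Assumed: the moderator addresses this particular forum is configured to notify.
KNOWN_MODERATORS = {"mod@forum.example"}

# Apache combined format: ip ident user [timestamp] "METHOD url PROTO" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<url>\S+) [^"]*" (?P<status>\d{3})'
)


def parse_line(line):
    """Return a dict with ip, ts, method, url, status, path and decoded params, or None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    parts = urlsplit(rec["url"])
    rec["path"] = parts.path
    # parse_qs URL-decodes values (%40 -> @, + -> space); keep the first value per key.
    rec["params"] = {k: v[0] for k, v in parse_qs(parts.query).items()}
    return rec


def classify(rec, known=KNOWN_MODERATORS):
    """Classify a request to violation.php3; None for any other script."""
    if not rec["path"].lower().endswith("violation.php3"):
        return None
    mod = rec["params"].get("Mod", "")
    if not mod:
        return "missing-mod"
    if mod.lower() in known:
        return "legit"
    # A recipient the site never configured: the arbitrary-relay case.
    return "unknown-recipient"


def scan(log_text, burst_threshold=2):
    """Return (suspicious records, per-IP counts, IPs at or above the burst threshold)."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and classify(rec) == "unknown-recipient":
            hits.append(rec)
    per_ip = Counter(r["ip"] for r in hits)
    burst = [ip for ip, n in per_ip.items() if n >= burst_threshold]
    return hits, dict(per_ip), burst


if __name__ == "__main__":
    hits, per_ip, burst = scan(SAMPLE_LOG)
    for r in hits:
        print(f"{r['ts']} {r['ip']} relay attempt -> {r['params']['Mod']}")
    print("per-IP counts:", per_ip)
    print("burst sources:", burst)
```

The allowlist comparison is what makes the check meaningful: a legitimate violation report also carries a Mod address, so matching on the script name alone would only measure traffic, not abuse. The same allowlist is the fix on the server side, where the script should look the recipient up in its own configuration rather than trust the request.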
|References

Source: BID
Name: 2272
Link: http://www.securityfocus.com/bid/2272
Source: BUGTRAQ
Name: 20000106 Phorum 3.0.7 exploits and IDS signatures
Link: http://cert.uni-stuttgart.de/archive/bugtraq/2000/01/msg00215.html
