YaBB Bulletin Board Lets Remote Users Conduct Cross-site Scripting Attacks Against YaBB Users

SecurityTracker Alert ID: 1004614
CVE Reference: GENERIC-MAP-NOMATCH (no matching CVE entry)
Date: Jun 24 2002
Impact: Disclosure of authentication information, Disclosure of user information, Modification of user information, User access via network
Exploit Included: Yes
Version(s): 1 Gold SP1 and prior versions
Description: An input validation vulnerability was reported in YaBB. A remote user can conduct cross-site scripting attacks against YaBB users.

It is reported that a remote user can request a thread that does not exist; YaBB then displays an error message for the missing thread, and that message includes the requested thread number (the `num` query parameter) without HTML-encoding it. Any script code placed in `num` is therefore rendered by the browser as part of the error page. A demonstration exploit URL is provided:

http://[targethost]/cgi-bin/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert()</script>

A remote user could send such a specially crafted URL to a target (victim) user, for example as a link; when the victim loads it, the resulting web page causes the script code in the URL to be executed by the victim's browser (reflected cross-site scripting). The code runs in the security context of the site running YaBB. As a result, it may be able to read the target user's cookies for that site (if any), read web page content the target user submits to that site, and take actions on that site as the target user.

See the original advisory at:
http://sec.angrypacket.com/advisories/0003_AP.yabb.txt

[Editor's note: The author of the report has restricted distribution of their report, so we cannot reproduce it in the Source Message.]
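The mechanism described above, as an added example that is not YaBB's code and not part of the original advisory: a minimal Python model of the "thread does not exist" page in its vulnerable form (thread id echoed verbatim), in its minimally fixed form (output HTML-encoded), and in a hardened form (thread id allow-listed before anything is rendered), together with a check that flags the same request pattern in web-server access logs. The placeholder host name, the assumption that thread ids are short decimal integers, the HTML of the error page and the log lines are all constructed for this example; YaBB itself is written in Perl and its real page text differs. The script in a real request arrives percent-encoded and is decoded by the CGI before use, which is why the log check decodes the query string before inspecting it.

```python
import html
import re
from urllib.parse import parse_qs, urlsplit

# Constructed sample: the advisory's demonstration URL with a placeholder host.
DEMO_URL = ("http://targethost/cgi-bin/YaBB/YaBB.cgi"
            "?board=BOARD&action=display&num=<script>alert()</script>")

# Assumption for this example: a thread id is a short decimal integer.
THREAD_ID = re.compile(r"[0-9]{1,12}")


def query_params(url):
    """Return the first value of each query parameter in `url`, percent-decoded."""
    parts = urlsplit(url)
    return {k: v[0] for k, v in parse_qs(parts.query, keep_blank_values=True).items()}


def render_error_vulnerable(num):
    """Mirror the reported flaw: the requested thread id is interpolated into the
    error page as-is, so markup in `num` is rendered by the victim's browser."""
    return f"<html><body><b>Error:</b> the thread {num} does not exist.</body></html>"


def render_error_escaped(num):
    """Minimal fix: encode the value on output so it is shown as text, not markup."""
    safe = html.escape(num, quote=True)
    return f"<html><body><b>Error:</b> the thread {safe} does not exist.</body></html>"


def render_error_hardened(num):
    """Defence in depth: allow-list the id first; only a well-formed id is echoed,
    and even then it is encoded on output."""
    if not THREAD_ID.fullmatch(num):
        # Do not echo the offending value at all; a generic message suffices.
        return "<html><body><b>Error:</b> invalid thread id.</body></html>"
    return render_error_escaped(num)


# Request line of a Common Log Format entry: "GET /path?query HTTP/1.x".
REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/')


def flag_probes(log_lines):
    """Return the log lines whose YaBB.cgi request carries a non-numeric `num`
    parameter, i.e. the shape of the advisory's exploit URL."""
    hits = []
    for line in log_lines:
        m = REQUEST_RE.search(line)
        if not m or "YaBB.cgi" not in m.group(1):
            continue
        num = query_params(m.group(1)).get("num")
        if num is not None and not THREAD_ID.fullmatch(num):
            hits.append(line)
    return hits


# Constructed access-log lines; the second carries the advisory's payload
# percent-encoded, as a browser would actually send it.
SAMPLE_LOG = [
    '203.0.113.5 - - [24/Jun/2002:10:01:02 +0000] "GET /cgi-bin/YaBB/YaBB.cgi?board=BOARD&action=display&num=1015 HTTP/1.0" 200 5120',
    '203.0.113.9 - - [24/Jun/2002:10:03:44 +0000] "GET /cgi-bin/YaBB/YaBB.cgi?board=BOARD&action=display&num=%3Cscript%3Ealert()%3C/script%3E HTTP/1.0" 200 812',
    '203.0.113.7 - - [24/Jun/2002:10:05:10 +0000] "GET /index.html HTTP/1.0" 200 2048',
]

if __name__ == "__main__":
    num = query_params(DEMO_URL)["num"]
    print("vulnerable:", render_error_vulnerable(num))
    print("escaped:   ", render_error_escaped(num))
    print("hardened:  ", render_error_hardened(num))
    for hit in flag_probes(SAMPLE_LOG):
        print("probe:", hit)
```

Output encoding alone is sufficient to stop the script from executing; the allow-list is there so that a later template change cannot quietly reintroduce the problem, and it is the same rule the log check applies, so detection and prevention stay in agreement.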
Impact: A remote user can cause arbitrary JavaScript code to run in a target user's browser in the security context of the YaBB site. The code may be able to read the target user's cookies for that site (if any), read web page content the target user submits to that site, and take actions on that site as the target user.
Solution: No solution was available at the time of this entry. Until the vendor provides a fix, the standard mitigation for this class of flaw is to accept only numeric values for the thread number and to HTML-encode any request data that is echoed into an error page.

Vendor URL: www.yabbforum.com/

Cause: Input validation error

Underlying OS: Linux (Any), UNIX (Any), Windows (Any)

Reported By: methodic <methodic@bigunz.angrypacket.com>

Message History:
None.
Source Message Contents

[Original Message Not Available for Viewing]