This has been reported to phpBB staff on May 16, and forwared to Bugtraq by me some days ago. ----- Original Message ----- From: <kill-9at_private> To: <bugtraqat_private> Sent: Friday, August 10, 2001 8:20 AM Subject: Easily and Remotely Pipe a Covert Shell on phpBB version 1.4.0 and below > note to editors: please leave all links intact. > ########################################### > ######## > Easily and Remotely Pipe a Covert Shell on phpBB > version 1.4.0 and below > > found and written by: kill-9at_private > http://www.modernhacker.com (...) > Note: phpBB team has known about this vulnerability > and failed to alert the public. Their acknoledgement is > seen in the 1.4.1 source code comments. See my other post. > ########################################### > ######## > Regards, Joao Gouveia --------------
This archive was generated by hypermail 2b30 : Fri Aug 10 2001 - 09:26:06 PDT