Simple Machines Forum Avatar Information Disclosure Vulnerability

low Nessus Plugin ID 19550

Synopsis

The remote web server contains a PHP application that allows for the disclosure of information.

Description

The remote host is running Simple Machines Forum (SMF), an open source web forum application written in PHP.

The installed version of SMF on the remote host does not properly sanitize the URI supplied for the user avatar. An attacker who is registered in the affected application can exploit this flaw to run scripts each time a forum user accesses the malicious avatar, eg collecting forum usage information, launching attacks against users' systems, etc.

Solution

Unknown at this time.

See Also

http://retrogod.altervista.org/smf105.html

https://seclists.org/bugtraq/2005/Aug/438

Plugin Details

Severity: Low

ID: 19550

File Name: smf_avatar_code_injection.nasl

Version: 1.19

Type: remote

Family: CGI abuses

Published: 8/31/2005

Updated: 6/1/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: Low

Base Score: 3.5

Vector: CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:N

Vulnerability Information

Required KB Items: www/PHP

Excluded KB Items: Settings/disable_cgi_scanning

Vulnerability Publication Date: 8/31/2005

Reference Information

CVE: CVE-2005-2817

BID: 14706