FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

phpBB session table exhaustion

Affected packages
phpbb <= 2.0.8_2

Details

VuXML ID a56a72bb-9f72-11d8-9585-0020ed76ef5a
Discovery 2004-03-05
Entry 2004-05-06

The includes/sessions.php unnecessarily adds session item into session table and therefore vulnerable to a denial-of-service attack.

References

Message 20040421011055.GA1448@frontfree.net