Launchpad.net

CVE 2006-4758

phpBB 2.0.21 does not properly handle pathnames ending in %00, which allows remote authenticated administrative users to upload arbitrary files, as demonstrated by a query to admin/admin_board.php with an avatar_path parameter ending in .php%00.

Related bugs and status

CVE-2006-4758 (Candidate) is related to these bugs:

Bug #191201: [phpbb2] several remote vulnerabilities

		In	Importance	Status
191201	[phpbb2] several remote vulnerabilities	phpbb2 (Ubuntu)	Undecided	Fix Released
191201	[phpbb2] several remote vulnerabilities	phpbb2 (Ubuntu Dapper)	Undecided	Won't Fix
191201	[phpbb2] several remote vulnerabilities	phpbb2 (Ubuntu Edgy)	Undecided	Won't Fix
191201	[phpbb2] several remote vulnerabilities	phpbb2 (Ubuntu Gutsy)	Undecided	Won't Fix
191201	[phpbb2] several remote vulnerabilities	phpbb2 (Ubuntu Feisty)	Undecided	Won't Fix
191201	[phpbb2] several remote vulnerabilities	phpbb2 (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2006-4758

Related bugs and status

Related bugs

References