发布时间 :2005-05-03 00:00:00
修订时间 :2008-09-05 16:49:03

[原文]MyPHP Forum 1.0 allows remote attackers to spoof the username by modifying the (1) nbuser parameter to post.php or (2) sender parameter to privmsg.php.

[CNNVD]MyPHP Forum Post.PHP用户名欺骗漏洞(CNNVD-200505-861)

        MyPHP Forum 1.0使得远程攻击者可以通过修改(1)传给post.php的nbuser参数或(2)传给privmsg.php的sender参数来进行用户名欺骗。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: NONE [对系统可用性无影响]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)


- OVAL (用于检测的技术细节)


- 官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD
(官方数据源) CNNVD

- 其它链接及资源
(VENDOR_ADVISORY)  BUGTRAQ  20050426 myPHP Forum v3 (possible v1 & 2 also) Identification 'spoof'
(UNKNOWN)  BID  13430

- 漏洞信息

MyPHP Forum Post.PHP用户名欺骗漏洞
中危 设计错误
2005-05-03 00:00:00 2005-10-20 00:00:00
        MyPHP Forum 1.0使得远程攻击者可以通过修改(1)传给post.php的nbuser参数或(2)传给privmsg.php的sender参数来进行用户名欺骗。

- 公告与补丁


- 漏洞信息

MyPHP Forum post.php Username Spoofing
Remote / Network Access Input Manipulation
Loss of Integrity
Exploit Public

- 漏洞描述

MyPHP Forum contains a flaw that may allow a remote attacker to spoof the username in posted messages. The issue is due to post.php not properly sanitizing user input supplied to the $nbuser variable. This may allow an attacker to include someone else's username as the poster of a message. For example, an attacker could include a malicous executable in a message to someone, who may think the sender is a trusted source.

- 时间线

2005-04-26 Unknow
2005-04-26 Unknow

- 解决方案

Currently, there are no known vendor upgrades, patches, or workarounds available to correct this issue. The source code could be modified; in post.php, line 82, change "$nbuser = $_POST['nbuser'];" into "$nbuser = $_COOKIE['nbuser'];"

- 相关参考

- 漏洞作者

- 漏洞信息

MyPHP Forum Privmsg.PHP Username Spoofing Vulnerability
Design Error 13430
Yes No
2005-04-28 12:00:00 2009-07-12 02:06:00
Discovery of this issue is credited to Terencentanio Enache.

- 受影响的程序版本

MyPHP Forum MyPHP Forum 1.0

- 漏洞讨论

MyPHP Forum is prone to a username spoofing vulnerability. The issue exists due to a design error, where a user may arbitrarily specify their username as a value for a URI parameter while submitting a message to the forum.

An attacker may exploit this issue to spoof forum messages from other, potentially trusted, users.

- 漏洞利用

No exploit is required.

- 解决方案

Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: <>.

- 相关参考