0-Day Flaws in Vanilla Forums Let Remote Attackers Hack Websites

A security researcher has publicly disclosed two critical zero-day vulnerabilities in Vanilla Forums, open source software that powers discussion on over 500,000 websites, which could allow unauthenticated, remote attackers to fully compromise targeted websites with little effort.

Discovered by Polish security researcher Dawid Golunski of Legal Hackers, the two separate unpatched vulnerabilities, a remote code execution (CVE-2016-10033) and a host header injection (CVE-2016-10073), affect the latest version of Vanilla Forums, 2.3, leaving hundreds of thousands of websites and their visitors exposed to various attacks.

Vanilla Forums: Remote Code Execution Flaw


According to Golunski, both vulnerabilities technically exist because Vanilla Forums is still using a vulnerable version of PHPMailer, one of the most popular open source PHP libraries used to send email.

Last year Golunski reported a critical remote code execution flaw (CVE-2016-10033) in the PHPMailer library that allows an attacker to remotely execute arbitrary code in the context of the web server and compromise the target web application.

In a proof-of-concept video, Golunski demonstrated that the same PHPMailer exploit also makes Vanilla Forums vulnerable: when combined with the host header injection, it lets attackers inject arbitrary commands and payloads through the HOST header.

"It should be noted that this vulnerability can still be exploited even if Vanilla software is hosted on an Apache web server with several name-based vhosts enabled, and despite not being the default vhost," the researcher explained.

Vanilla Forums: Host Header Injection Flaw


The Host Header Injection vulnerability in Vanilla Forums can also be used on its own to hijack user accounts, an admin's for instance, by sending a spoofed HTTP request with a custom HOST header (for example attacker-mxserver.com) while initiating a password reset for the targeted admin user, so that the reset link is generated for the attacker's host.

This technique works in a similar way to the WordPress flaw Golunski disclosed just last week, allowing attackers to gain access to user accounts, "carrying out Web-cache poisoning attacks, and in some instances, execute arbitrary code."

Golunski reported the vulnerabilities to Vanilla Forums in January this year. The company acknowledged his reports but then went silent for some five months, which led him to go public with his findings.

The researcher confirmed that both flaws still exist in the most recent stable version of Vanilla Forums, 2.3, and believes that older versions of the forum software are also vulnerable.

Until the company fixes the issue, Golunski advises website administrators, as a temporary mitigation, to set the sender's email address to a predefined static value so that Vanilla Forums no longer derives it from the HOST header.
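The two patterns at issue, a password-reset link and a sender address derived from the client-controlled Host header, shown beside the hardened form that Golunski's mitigation implies (a static sender and a configured canonical URL, with the Host header checked against an allow-list). This is an added example written for this article, not code from Vanilla Forums or PHPMailer; it is in Python rather than PHP to keep it self-contained, and ALLOWED_HOSTS, CANONICAL_BASE_URL, STATIC_SENDER and the /password-reset/ path are made-up values for the illustration.

```python
"""Host header handling: the weak pattern next to a hardened one.

Added example, not code from Vanilla Forums or PHPMailer. The names
ALLOWED_HOSTS, CANONICAL_BASE_URL, STATIC_SENDER and the /password-reset/
path are assumptions made up for this illustration.
"""
import re

# Constructed configuration: the site's real public hostnames and the
# values the application should use instead of anything client-supplied.
ALLOWED_HOSTS = {"forum.example.org", "www.forum.example.org"}
CANONICAL_BASE_URL = "https://forum.example.org"
STATIC_SENDER = "noreply@forum.example.org"

# Hostname with an optional port; anything else is rejected outright.
_HOST_RE = re.compile(r"^[a-z0-9.-]+(:\d{1,5})?$", re.IGNORECASE)


def weak_sender_from_host(request_host: str) -> str:
    """Weak pattern the article describes: the sender address is derived from
    the client-controlled Host header, so the mail library is handed whatever
    value the client sent."""
    return f"noreply@{request_host}"


def weak_reset_link(request_host: str, token: str) -> str:
    """Weak pattern: the password-reset link is built from the Host header, so
    a spoofed header points the emailed link at a host the client chose."""
    return f"https://{request_host}/password-reset/{token}"


def host_is_allowed(request_host: str) -> bool:
    """True only if the Host header names this site. The port suffix is
    dropped and the comparison is case-insensitive, as DNS names are."""
    if not request_host or not _HOST_RE.match(request_host):
        return False
    hostname = request_host.split(":", 1)[0].lower()
    return hostname in ALLOWED_HOSTS


def hardened_reset_link(request_host: str, token: str) -> str:
    """Hardened form: the request is refused unless the Host header is ours,
    and the link is built from the configured canonical URL, never from
    the header itself."""
    if not host_is_allowed(request_host):
        raise ValueError(f"unexpected Host header: {request_host!r}")
    return f"{CANONICAL_BASE_URL}/password-reset/{token}"


def hardened_sender(_request_host: str) -> str:
    """The mitigation Golunski recommends: a predefined static sender
    address, so the Host header plays no part in composing the mail."""
    return STATIC_SENDER


if __name__ == "__main__":
    spoofed = "attacker-mxserver.com"  # the example hostname from the article
    print("weak link:       ", weak_reset_link(spoofed, "TOKEN"))
    print("weak sender:     ", weak_sender_from_host(spoofed))
    print("hardened sender: ", hardened_sender(spoofed))
    try:
        hardened_reset_link(spoofed, "TOKEN")
    except ValueError as err:
        print("hardened link:    rejected,", err)
    print("hardened link:   ", hardened_reset_link("forum.example.org:443", "TOKEN"))
```

The allow-list check also covers the multi-vhost case the researcher mentions: a request that reaches the application under a name it does not serve is refused instead of being echoed back into mail headers or links.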

Update: Vanilla Forums fixed the reported vulnerabilities last night, and said the issues only affect its free and open source product, adding that "neither of these vulnerabilities affect our cloud customers" at vanillaforums.com, "nor were they at the time of their publication."

Users of the free and open source software are strongly advised to update their Vanilla Forums installation to the latest open source version, Vanilla 2.3.1.