Intrusion Prevention

PBLang.BBS.Remote.Code.Injection

Description

It indicates a possible exploit of a remote code injection vulnerability in PBLang that may allow remote attackers to execute arbitrary PHP code via the 'u' parameter.

Affected Products

PBLang PBLang 4.66
PBLang PBLang 4.65
PBLang PBLang 4.63
PBLang PBLang 4.56 (4.5 RC 2)
PBLang PBLang 4.6
PBLang PBLang 4.0

Impact

System compromise.

Recommended Actions

Apply corresponding patch.
PBLang PBLang 4.0
* PBLang PBL466z.zip
http://prdownloads.sourceforge.net/pblang/PBL466z.zip?download
PBLang PBLang 4.56 (4.5 RC 2)
* PBLang PBL466z.zip
http://prdownloads.sourceforge.net/pblang/PBL466z.zip?download
PBLang PBLang 4.6
* PBLang PBL466z.zip
http://prdownloads.sourceforge.net/pblang/PBL466z.zip?download
PBLang PBLang 4.63
* PBLang PBL466z.zip
http://prdownloads.sourceforge.net/pblang/PBL466z.zip?download
PBLang PBLang 4.65
* PBLang PBL466z.zip
http://prdownloads.sourceforge.net/pblang/PBL466z.zip?download
PBLang PBLang 4.66
* PBLang PBL466z.zip
http://prdownloads.sourceforge.net/pblang/PBL466z.zip?download

CVE References

CVE-2005-2893