exploits , vulnerabilities , articles , PunBB Password Reset Weak Random Number Security Bypass Vulnerability

Title	PunBB Password Reset Weak Random Number Security Bypass Vulnerability
Published	2008-02-20-12:00AM
Updated	2008-02-21-07:23PM
Class	Design Error
CVE
Remote	Yes
Local	No
Credit	Stefan Esser is credited with discovering this vulnerability.
Vulnerable	PunBB PunBB 1.2.16 PunBB PunBB 1.2.15 PunBB PunBB 1.2.14 PunBB PunBB 1.2.13 PunBB PunBB 1.2.12 PunBB PunBB 1.2.11 PunBB PunBB 1.2.10 PunBB PunBB 1.2.10 PunBB PunBB 1.2.9 PunBB PunBB 1.2.8 PunBB PunBB 1.2.7 PunBB PunBB 1.2.6 PunBB PunBB 1.2.5 PunBB PunBB 1.2.4 PunBB PunBB 1.2.3 PunBB PunBB 1.2.2 PunBB PunBB 1.2.1 PunBB PunBB 1.1.5 PunBB PunBB 1.1.4 PunBB PunBB 1.1.3 PunBB PunBB 1.1.2 PunBB PunBB 1.1.1 PunBB PunBB 1.1 PunBB PunBB 1.0.1 PunBB PunBB 1.0 RC2 PunBB PunBB 1.0 RC1 PunBB PunBB 1.0 _beta3 PunBB PunBB 1.0 _beta2 PunBB PunBB 1.0 _beta1 PunBB PunBB 1.0 _alpha PunBB PunBB 1.0
Not Vulnerable	PunBB PunBB 1.2.17
Code	An attacker can use a browser to exploit this issue.The following proof-of-concept exploit is available: /data/vulnerabilities/exploits/27908.php
TXT

Vulnerabilities - newest 10 RSS | More

2009-12-18 Drupal Contact and Menu Modules Multiple HTML Injection Vulnerabilities
2009-12-18 Mozilla Firefox and SeaMonkey NTLM Credential Reflection Authentication Bypass Vulnerability
2009-12-18 Mozilla Firefox CVE-2009-3982 JavaScript Engine Multiple Remote Memory Corruption Vulnerabilities
2009-12-17 Zen Cart Insecure File and Programs Information Disclosure and Database Deletion Vulnerability
2009-12-17 Winamp Module Decoder Plugin Multiple Buffer Overflow Vulnerabilities
2009-12-17 Winamp JPEG and PNG Multiple Integer Overflow Vulnerabilities
2009-12-17 HP OpenView Storage Data Protector Stack Buffer Overflow Vulnerability
2009-12-17 IBM WebSphere Application Server Feature Pack for CEA Spoofing Vulnerability
2009-12-17 Digital Scribe Cross Site Scripting and SQL Injection Vulnerabilities
2009-12-17 WP-Forum WordPress Plugin Multiple SQL Injection Vulnerabilities

SECURITY RSS FEEDS

Advertising

Copyright 2007, SecurityDot
Fri, 18 Dec 2009 16:34:20 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
SNIMAL SEX paki sex Free sex 3 PHP 4.3.6 ___ ____ s ilch esxboy.com Jagg fucke include/ed maxcpm.inf shemals maxcpm.inf www.taobao bbwsex jet wwwsaxy.co x stream s Free sex 3 Nude aishw Tagger LE. Tagger LE. cahurica shemals news for c Bebo sign Tagger LE. Tagger LE. maxcpm.inf Www.Free i maxcpm.inf free anima freefhqiig ve\ideo www.goldsp Sexynudeph Crack Data r.php %.../cabil www.chengs Pappu suhapdan sex photos carma Irani sex cppop pop www.szpc31 200 /compo maxcpm.inf Hot sexy sex girls