Page Index Toggle Pages: 1
Topic Tools
Sanitizing Input in Yabb (Read 1,947 times)
JonB
YaBB Administrator
YaBB Next Team
Operations Team
Beta Testers
Support Team
*****
Offline



Posts: 3,768
Location: Land of the Blazing Sun!

YaBB 2.6.0
Re: Sanitizing Input in Yabb
Reply #2 - Mar 21st, 2010 at 6:13pm
Post Tools
Matt,

I 'think' the vulnerability is limited to the 'address line' URL parameter pass. I don't think it applies to form input.

Secondarily, "I" interpret the McAfee results to mean that, at the moment, the Yabb.pl file will accept a mangled URL that includes one (or more) of those characters and attempt to process it.  Meaning, I suppose, that by allowing those characters, a 'free' string can be injected (one that includes an 'execution' character. (the genuine input is cut off)   Shocked 

I suppose the correct thing to do is get a definition from McAfee.

Smiley

Edited:
Remember, they are pointing out a vulnerability NOT an exploit
« Last Edit: Mar 21st, 2010 at 6:17pm by JonB »  

I find your lack of faith disturbing.
Back to top
IP Logged
 
Matt Siegman
YaBB Legends (Inactive)
*
Offline



Posts: 3,380
Location: Wichita, KS
Re: Sanitizing Input in Yabb
Reply #1 - Mar 20th, 2010 at 11:27pm
Post Tools
As noted in the other thread, I'm just not quite 'getting' this one.
  

-- Matt Siegman 8) Wish List
Back to top
 
IP Logged
 
marcello
YaBB Newcomer
*
Offline



Posts: 13
Sanitizing Input in Yabb
Mar 18th, 2010 at 4:40am
Post Tools
Yabb has a security vulnerability that allows hackers to modify HTTP response headers. This should be fixed if possible in the next release.

All inputs (e.g. parameters in URLs) should be stripped from the following characters.
%0D
%0A
%0D%0A
\r
\n
\r\n

These characters have no practical use in the parameters except for hacking...

This issue came up due to a failing McAfee security scan (e.g. PCI).
Please see post http://www.yabbforum.com/community/YaBB.pl?num=1268532876 for context and more details.

Thanks for a great forum!

Cheeers, Marcello
« Last Edit: Mar 18th, 2010 at 4:40am by marcello »  
Back to top
 
IP Logged
 
Page Index Toggle Pages: 1
Topic Tools
 
  « Board Index ‹ Board  ^Top