BugTraq
Back to list
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
Re: phpBB 2.0.8a and lower - IP spoofing vulnerability
Apr 20 2004 12:15PM
3APA3A (3APA3A SECURITY NNOV RU)
Dear Ready Response,
--Monday, April 19, 2004, 4:01:29 AM, you wrote to bugtraq (at) securityfocus (dot) com [email concealed]:
RR> the users IP address in the common.php script. This issue is caused
RR> by blind trust of the X-Forwarded-For HTTP header. A remote attacker
This issue is very common for different BBs (for e...
[ more ]
Privacy Statement
Copyright 2010, SecurityFocus
--Monday, April 19, 2004, 4:01:29 AM, you wrote to bugtraq (at) securityfocus (dot) com [email concealed]:
RR> the users IP address in the common.php script. This issue is caused
RR> by blind trust of the X-Forwarded-For HTTP header. A remote attacker
This issue is very common for different BBs (for e...
[ more ]