[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[CVE-ID REQUEST] vBulletin - Multiple Open Redirects
- To: "cve@xxxxxxxxx" <cve@xxxxxxxxx>, "bugtraq@xxxxxxxxxxxxxxxxx" <bugtraq@xxxxxxxxxxxxxxxxx>
- Subject: [CVE-ID REQUEST] vBulletin - Multiple Open Redirects
- From: Robert Gilbert <rgilbert@xxxxxxxxxx>
- Date: Thu, 2 Jun 2011 14:46:52 -0500
Product: vBulletin
Version: 3 - 4.1.3
Release Date: 06/02/2011
Risk: Low
Authentication: Not required to exploit.
Remote: Yes
Description:
Multiple Open Redirect vulnerabilities in vBulletin version 4.1.3 and below
allow remote attackers to redirect users to arbitrary web sites and conduct
phishing attacks via the "url" parameter. By appending
?url=http://attackersite.com any number of pages, the user will be redirected
to a potentially dangerous site. This is particularly interesting when used on
the registration form or the password reset form.
Exploit Example:
http://forum.pwndshop.com/register.php?do=checkdate&url=http://attackersite.com
Vendor Notified: Yes
Reference:
http://www.vbulletin.com/forum/showthread.php/381014-Potential-Phishing-Vector?p=2166441
https://www.owasp.org/index.php/Open_redirect
Credit:
Robert Gilbert
Senior Consultant
HALOCK Security Labs, Purpose Driven Security(tm)
rgilbert [-at-] halock [-dot-] com
http://www.halock.com
http://blog.halock.com
Note: This message (including any attachments) is intended only for the use of
the individual or entity to which it is addressed and may contain information
that is non-public, proprietary, privileged, and/or confidential. If you are
not the intended recipient, you are hereby notified that any use,
dissemination, distribution, or copying of this communication is strictly
prohibited. If you have received this communication in error, please notify us
immediately by telephone and delete this message immediately.