UseBB BBcode Parsing Remote Denial Of Service Vulnerability Network Vulnerability

Summary

This host has UseBB installed and is prone to Denial of Service vulnerability.

Impact

Successfull exploitation will allow remote attackers to execute arbitrary code and cause Denial-of-Service by posting a message containing specially crafted BBcode. Impact Level: Applicatioin.

Solution

Upgrade to UseBB version 1.0.10 For updates refer to http://www.usebb.net/downloads/

Insight

This issue is due to an infinite loops while parsing for malformed BBcode.

Affected

UseBB version 1.0.9 and prior on all platforms.

References

http://secunia.com/advisories/37328
http://www.usebb.net/community/topic-post9775.html
http://www.vupen.com/english/advisories/2009/3222

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-4041

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Active Perl Denial of Service Vulnerability Feb 2014 (Windows)
Denial Of Service Vulnerability in OpenSSL June-09 (Linux)
F-Secure Policy Manager Server fsmsh.dll module DoS
ejabberd 'client2server' Message Remote Denial of Service Vulnerability
Asterisk T.38 Negotiation Remote Denial Of Service Vulnerability

Take action and discover your vulnerabilities