"Powered by Ikonboard 3.1.1"

  • 日期:2004-09-07
  • 作者:anonymous
  • 语法:"Powered by Ikonboard 3.1.1"
  • IkonBoard (http://www.ikonboard.com/) is a comprehensive web bulletin board system, implemented as a Perl/CGI script.There is a flaw in the Perl code that cleans up user input before interpolating it into a string which gets passed to Perl's eval() function, allowing an attacker to evaluate arbitrary Perl and hence run arbitrary commands.More info at: http://www.securitytracker.com/alerts/2003/Apr/1006446.htmlThe bug was fixed in 3.1.2.