Private Message Exploits
Results 1 to 4 of 4

Thread: Private Message Exploits

  1. #1
    AO Soccer Mom debwalin's Avatar
    Join Date
    Mar 2002
    Posts
    2,185

    Private Message Exploits

    Hi guys, I really need your help. I have been informed that there is an exploit for Invision Power Board v. 1.1 that allows people to get into the private message inbox of other members accounts. I have searched and searched on Google for anything about it, either the exploit itself or a patch for it. Obviously I didn't find anything or I wouldn't be here begging ya'll for help. Does anyone know anything about this, anywhere I could get some info on it?

    Deb

    This is my forum I'm trying to patch, not get into anyone else's in case there was doubt.
    Outside of a dog, a book is man's best friend. Inside of a dog it's too dark to read.

  2. #2
    Senior Member
    Join Date
    Apr 2002
    Posts
    1,049
    Hmm did the person that told you give you a link to an advisory ? do you know if its public yet ? i remember reading something about PM's but i think it was the vbullitin message board system its late here and im about to go to bed but you could check securiteam.com packetstormsecurity.nl or xatrix.org i will check back this thread in the morning and them i will have a decent look to see if i can turn anything up
    By the sacred **** of the sacred psychedelic tibetan yeti ....We\'ll smoke the chinese out
    The 20th century pharoes have the slaves demanding work
    http://muaythaiscotland.com/

  3. #3
    AO Soccer Mom debwalin's Avatar
    Join Date
    Mar 2002
    Posts
    2,185
    Okay, nm Next time I should get a little more info. You have to be in the Admin CP and have the Admin pw, and you can't even see the whole damn msg and you can't see the sender or the recipient. Wish I had that 2 hours of my life back.

    Thanks for the help though.
    Outside of a dog, a book is man's best friend. Inside of a dog it's too dark to read.

  4. #4
    AO's Fluffy Bunny cdkj's Avatar
    Join Date
    Feb 2003
    Posts
    1,236
    debwalin

    i did a little searching and found this I hope this helps you

    http://www.avet.com.pl/pipermail/bug...il/003023.html
    I had to google 'jfgi' to see what it meant. The irony is overwhelming.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides