Intrusion Prevention

Dcboard.User.Addition.Invalid

Description

It indicates a potentially malicious attempt to add new registration entry in DCForum.


DCForum is a web forum software provided by DC Business Solutions. Due to an input validation error in dcboard.cgi file, an attacker can create an extra entry in the registration database and gain additional privileges on the infected system.


Affected Products

Any unprotected DC Scripts DCForum 6.0 or DCForum 2000 1.0 is vulnerable to the attack.

Impact

Attackers can create additional entry in the registration database and hence gain unauthorized privileges on the victim system.

Recommended Actions

Apply appropriate patches or Upgrade the system to the latest non-vulnerable version.


CVE References

CVE-2001-0527