CVE-2006-4272
N/A
N/A
Summary
Jelsoft vBulletin 3.5.4 allows remote attackers to register multiple arbitrary users and cause a denial of service (resource consumption) via a large number of requests to register.php. NOTE: the vendor has disputed this vulnerability, stating "If you have the CAPTCHA enabled then the registrations wont even go through. … if you are talking about the flood being allowed in the first place then surely this is something that should be handled at the server level.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://archives.neohapsis.com/archives/bugtraq/2006-08/0381.html
- http://www.securityfocus.com/archive/1/443648/100/0/threaded
- http://securityreason.com/securityalert/1426
References
- http://archives.neohapsis.com/archives/bugtraq/2006-08/0381.html
- http://www.securityfocus.com/archive/1/443648/100/0/threaded
- http://securityreason.com/securityalert/1426
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.