CVE-2005-0269

Name of the Vulnerable Software and Affected Versions GNUBoard versions 3.40 and earlier

Description The issue allows remote attackers to upload arbitrary files by exploiting a weakness in the file extension check, which only verifies extensions containing all lowercase letters. This enables attackers to upload files with extensions that include uppercase letters.

Recommendations For GNUBoard versions 3.40 and earlier, consider implementing a case-insensitive file extension check to prevent the upload of arbitrary files. As a temporary workaround, restrict file uploads to only those with extensions containing all lowercase letters until a proper fix is applied.