CVE-2005-4687

Name of the Vulnerable Software and Affected Versions PunBB version 1.2.9

Description The issue allows remote attackers to misrepresent their IP address by sending a modified X-Forwarded-For HTTP header, which could be trusted by the software instead of the actual IP address from the TCP/IP stack.

Recommendations For PunBB version 1.2.9, consider validating the IP address through the TCP/IP stack instead of relying on the X-Forwarded-For header to prevent IP address misrepresentation. As a temporary workaround, restrict the use of the X-Forwarded-For header until a proper fix is applied.