CVE-2011-1127 Information

Description

SSI.php in Simple Machines Forum (SMF) before 1.1.13 and 2.x before 2.0 RC5 does not properly restrict guest access which allows remote attackers to have an unspecified impact via unknown vectors.

Reference

http://custom.simplemachines.org/mods/downloads/smf_patch_2.0-RC4_security.zip http://www.openwall.com/lists/oss-security/2011/02/22/17 http://www.openwall.com/lists/oss-security/2011/03/02/4 http://www.simplemachines.org/community/index.php?topic=421547.0