Computer Security
[EN] securityvulns.ru

From: h3llcode_(at)_hotmail.it <h3llcode_(at)_hotmail.it>
Date: 07.11.2007
Subject: SMF .htaccess bypass

# ./start
#
# Discovered by Seph1roth on June 2007 (was priv8)
#
# Vulnerable: Simple Machine Forum [ALL Versions]
#
# Visit: http://www.blackroots.it - Best hacking site.
#
# Description:

If SMF has index.php?action=admin in .htaccess, I can bypass that by typing in the URL some variable of
the administration panel:

example:

index.php?action=admin (.htaccess,then access denied)
index.php?action=membergroups (accessible)
index.php?action=news (accessible)
index.php?action=featuresettings (accessible)

...and others...

I can bypass and enter the administration by typing the accessible variables in the URL...

# Greets to all BlackRoots Users
#
# Shoutz to all kiddies
#
# ./end
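
For administrators reviewing such a rule, the following added example (not part of the original post and not SMF code) compares a rule that gates only `action=admin` with a default-deny rule, using the action names listed in the post. The `PUBLIC_ACTIONS` set and all function names are assumptions made for the illustration.

```python
from urllib.parse import urlsplit, parse_qs

# Admin-area actions named in the post (its list ends with "...and others...").
ADMIN_ACTIONS_FROM_POST = ["admin", "membergroups", "news", "featuresettings"]

# Assumption: actions a site owner decides visitors may reach without the
# extra web-server password. Constructed for this example, not SMF's real list.
PUBLIC_ACTIONS = frozenset({"", "login", "register", "search"})


def action_of(url):
    """Return the value of the `action` query parameter ('' if absent)."""
    values = parse_qs(urlsplit(url).query).get("action", [""])
    return values[0]


def blocklist_gate(url, blocked=frozenset({"admin"})):
    """Rule as described in the post: gate only action=admin."""
    return action_of(url) in blocked


def allowlist_gate(url, public=PUBLIC_ACTIONS):
    """Default-deny rule: gate every action not explicitly public."""
    return action_of(url) not in public


def ungated(gate, actions):
    """List the actions whose URL reaches the application without the gate."""
    return [a for a in actions if not gate(f"index.php?action={a}")]


if __name__ == "__main__":
    for name, gate in (("blocklist", blocklist_gate), ("allowlist", allowlist_gate)):
        print(name, "leaves ungated:", ungated(gate, ADMIN_ACTIONS_FROM_POST))
```

A default-deny rule does not depend on knowing every administrative action name in advance, which is the gap the post describes.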

© SecurityVulns, 3APA3A, Vladimir Dubrovin