#1 (permalink)
Guest
More Security Problems for phpBB
An update of phpBB has been released to address new security holes in the open source application. The disclosure comes on the heels of several recent security incidents involving phpBB, which is among the web's most popular web forum programs.
"One of the potential exploits addressed in this release could be serious in certain situations and thus we urge all users to upgrade to this release as soon as possible," the phpBB Group said in its advisory.

The security fixes address multiple bugs that disclose the full path to system files in phpBB, which is powered by the PHP server-side scripting language. A vulnerability reported by iDefense could, under some configurations, allow malicious users to view system files.

Read the rest HERE

#2 (permalink)
Skittles
ooh man... [insert some educated talk and such here]
uh.. this really went downhill.. i think i need to sleep

#3 (permalink)
Registered User
The new phpBB downloads a file from phpBB Group's servers, every time you access the admin panel. I thought that was really lame, so I edited it out.

#5 (permalink)
Registered User
The lame downloading stuff from phpBB's website thing is new, actually. I saw it because I applied the 2.0.12 updates line-by-line based on a diff someone supplied. (I've tweaked the code a bit.)

#7 (permalink)
Marketing Maven
Every day more applications are being exploited by crackers and cause our servers to be the origin of spam, or used by non-customers to upload files to unsuspecting customer directories to leech bandwidth. Right now the hot program to exploit is 4images. This brings back the PHP Nuke nightmare... it was used to spam but that is taken care of in the new version.
4images doesn't really appear to be very active in updates. If someone can correct me on that... I'd be glad to hear. Trying to decide what to do with it now (as in what to mass disable server wide... such as with PHP Nuke the webmail section was disabled...).