Bug Fix: Urgent fix for security hole in phpNuke 6.5

The fix for the issue described in the previous articles, as provided by
Francisco Burzi, is as follows.
Everyone should edit the file modules/News/index.php and search for the function
rate_article. You should change the first lines of the function to close the
security hole.

File: modules/News/index.php
Function: rate_article

It looks like:

    if ($score) {
        if ($score > 5) { $score = 5; }
        if ($score < 1) { $score = 1; }

It should be changed to:

    $score = intval($score);
    if ($score) {
        if ($score > 5) { $score = 5; }
        if ($score < 1) { $score = 1; }
        if ($score != 1 AND $score != 2 AND $score != 3 AND $score != 4 AND $score != 5)
        {
            Header("Location: index.php");
            die();
        }

Admin Note: The code has been updated to reflect the latest patch.

Posted on Sunday, March 23 @ 00:36:38 CET by [RETIRED]chatserv
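
Why the added intval() line matters, shown as an added example that is not part of the original post or PHP-Nuke's own code: the range clamp uses loose comparisons, so a string that merely starts with a digit passes through it unchanged, while intval() reduces it to a plain integer first. The function names and sample values below are hypothetical and constructed for illustration.

```php
<?php
// Added illustration; function names are hypothetical, not PHP-Nuke code.

// The check as it looked before the fix: it clamps the range but never
// converts $score, so a string that only starts with a digit passes intact.
function clamp_before($score) {
    if ($score) {
        if ($score > 5) { $score = 5; }
        if ($score < 1) { $score = 1; }
    }
    return $score;
}

// The check after the fix: intval() first, then the same range clamp.
// Whatever the input was, the result is an integer.
function clamp_after($score) {
    $score = intval($score);
    if ($score) {
        if ($score > 5) { $score = 5; }
        if ($score < 1) { $score = 1; }
    }
    return $score;
}

// Constructed request values, as they would arrive from a query string.
$samples = array('4', '9', '-2', '3 trailing text', 'abc', '');

// Print each raw value next to what each version of the check hands on.
foreach ($samples as $raw) {
    printf("%-20s before=%-20s after=%s\n",
        var_export($raw, true),
        var_export(clamp_before($raw), true),
        var_export(clamp_after($raw), true));
}
```

In the "before" column the value '3 trailing text' comes back as the same string, which is what the rest of rate_article would then have used; in the "after" column every result is an integer, either 0 or a value from 1 to 5.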

Re: Urgent fix for security hole in phpNuke 6.5 (Score: 1) by ordhor on Sunday, March 23 @ 09:03:35 CET
It seems that the security hole still exists.
Check out phpnuke.org: it has been hacked again.

Re: Urgent fix for security hole in phpNuke 6.5 (Score: 1) by bob2 on Sunday, March 23 @ 09:05:09 CET
Yep, PHPNuke.org was hacked once more... we need an additional fix.... I tested the 6.0 fix on my test server and it appeared to work... so this is something different.

Re: Urgent fix for security hole in phpNuke 6.5 (Score: 1) by Zhen-Xjell on Sunday, March 23 @ 09:11:48 CET http://castlecops.com
In your mainfile:

    foreach ($_REQUEST as $key=>$value) {
        if (get_magic_quotes_gpc()==0) {
            $value = addslashes($value); // This will reproduce the option magic_quotes_gpc=1
        }
        $value = str_replace(array(')','=','','|'),array(')','=','','|'),$value);
        ${$key} = $value;
        $_REQUEST[$key] = $value;
        if (isset($_POST[$key])) { $_POST[$key] = $value; }
        if (isset($_COOKIE[$key])) { $_COOKIE[$key] = $value; }
        if (isset($_FILE[$key])) { $_FILE[$key] = $value; }
        if (isset($_GET[$key])) { $_GET[$key] = $value; }
        if (isset($HTTP_POST_VARS[$key])) { $HTTP_POST_VARS[$key] = $value; }
        if (isset($HTTP_COOKIE_VARS[$key])) { $HTTP_COOKIE_VARS[$key] = $value; }
        if (isset($HTTP_FILE_VARS[$key])) { $HTTP_FILE_VARS[$key] = $value; }
        if (isset($HTTP_GET_VARS[$key])) { $HTTP_GET_VARS[$key] = $value; }
    }

Re: Urgent fix for security hole in phpNuke 6.5 (Score: 1) by JoyDivision on Thursday, March 27 @ 06:27:47 CET http://www.bergamoblog.it
This sec patch has a bug related to array variables (like uploaded files): addslashes made a crap of them..
Please fix it.
Please explain the str_replace statement to me.
Thnx