d track record of security reports as Ulf believes // He decided to not contact me, but I'm always here, digging on the net return strtr($str, "\015\012", ' '); } ?>
This is popping up on the header of my pages. I managed to find where its coming from. Its located at the very bottom of my mainfile.php.
Code:
function removecrlf($str) {
// Function for Security Fix by Ulf Harnhammar, VSU Security 2002
// Looks like I don't have so bad track record of security reports as Ulf believes
// He decided to not contact me, but I'm always here, digging on the net
return strtr($str, "\015\012", ' ');
}
?>d track record of security reports as Ulf believes
// He decided to not contact me, but I'm always here, digging on the net
return strtr($str, "\015\012", ' ');
}
Help me please, I'm getting paranoid
mikem Theme Guru
Joined: Jan 13, 2003
Posts: 1582
Location: Corn fields of Indiana
Posted:
Tue Jun 03, 2003 10:02 am
Here si what that looks liek in MY mainfile.php
Code:
function removecrlf($str) {
// Function for Security Fix by Ulf Harnhammar, VSU Security 2002
// Looks like I don't have so bad track record of security reports as Ulf believes
// He decided to not contact me, but I'm always here, digging on the net
return strtr($str, "\015\012", ' ');
}
try replacing your mainfile.php with the one from the security fix3 for Nuke6.5 or from the Nuke6.5 package OR, replace your code with mine. Have you made any modifications to that file?
?>d track record of security reports as Ulf believes
// He decided to not contact me, but I'm always here, digging on the net
return strtr($str, "\015\012", ' ');
}
and it hasn't popped up again....yet.
I'm more worried about what caused it. Was it a weird glitch or was someone nosing around where they shouldn't be
mikem Theme Guru
Joined: Jan 13, 2003
Posts: 1582
Location: Corn fields of Indiana
Posted:
Tue Jun 03, 2003 10:12 am
Your code looks like to me that possibkly that file got corrupted somehow when it was uploaded. But I'm not sure. Don't question it too much if it's fixed
Hopefully it wasn't a malicious attack, but I doubt it was.
I know this post is a couple days old but I just replaced my mainfile with a mainfile from nukescripts.com with that at the bottom. It was to allow you to use the word script in html links when your adding content and so forth.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
