fplanque (Core Developer), Joined: 13 Jun 2003, Posts: 831, votes: 9
Posted: Thu Jan 06, 2005 13:56    Post subject: Security issue!

There is an SQL injection security issue in the latest releases (up to 0.9.0.11). It will be fixed in 0.9.0.12 but you are invited to take preventive action and apply one of the following patch methods:
1: manual edit:
Open the file /blogs/b2evocore/_class_itemlist.php and find the following code around lines 197-201:
Code:
```php
// if a post urltitle is specified, load that post
if( !empty( $title ) )
{
    // $title comes straight from the request and is interpolated unescaped
    $where .= " AND post_urltitle = '$title'";
}
```
Replace these lines like this:
Code:
```php
// if a post urltitle is specified, load that post
if( !empty( $title ) )
{
    // $DB->quote() escapes and quotes the value so it is always read as a string literal
    $where .= ' AND post_urltitle = '.$DB->quote($title);
}
```
2: patch files
Download the following file:
http://prdownloads.sourceforge...p?download , unzip it and replace the two enclosed files in the blogs/b2evocore folder.
This second method also fixes a small harmless bug that would cause an error when testing that the SQL injection issue is fixed.
_________________
François - Rambling on... State of the Evolution - fplanque.com
b2evolution project maintainer / main developer
Follow b2evolution on twitter and become a fan of b2evolution on facebook
Last edited by fplanque on Fri Jan 07, 2005 14:00; edited 1 time in total
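The following is an added example, not code from this thread or from b2evolution, that reproduces the flaw and the fix in Python against an in-memory SQLite table so the effect of quoting can be checked offline. `build_where_vulnerable` mirrors the original line; `sql_quote` is a stand-in for `$DB->quote()` (assumed here to do ANSI-style quote doubling; a MySQL driver's escaping differs in detail, and `fetch_parameterized` shows the driver-level alternative that keeps data out of the SQL text altogether). The `posts` table, its rows and the `PAYLOAD` string are constructed for the demonstration.

```python
import sqlite3

# Constructed sample data: two published posts and one draft that a public
# listing must never return.
SAMPLE_POSTS = [
    ("hello-world", "published"),
    ("second-post", "published"),
    ("private-draft", "draft"),
]

# Constructed regression input: a value that closes the quote and appends a
# tautology. A correct fix must treat it as an ordinary (non-matching) title.
PAYLOAD = "x' OR '1'='1"


def fresh_db():
    """Create an in-memory SQLite database holding the sample posts."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE posts (post_urltitle TEXT, post_status TEXT)")
    conn.executemany("INSERT INTO posts VALUES (?, ?)", SAMPLE_POSTS)
    return conn


def build_where_vulnerable(title):
    """Mirror of the original _class_itemlist.php line: raw interpolation."""
    where = "post_status = 'published'"
    if title:
        where += " AND post_urltitle = '" + title + "'"
    return where


def sql_quote(value):
    """Stand-in for $DB->quote() (assumed behaviour): wrap the value in single
    quotes and double any embedded single quote so the database can only ever
    read it as a string literal, never as SQL syntax."""
    return "'" + value.replace("'", "''") + "'"


def build_where_quoted(title):
    """Mirror of the patched line: the value goes through sql_quote()."""
    where = "post_status = 'published'"
    if title:
        where += " AND post_urltitle = " + sql_quote(title)
    return where


def _run(conn, where, params=()):
    """Execute a SELECT with the given WHERE clause and return the url titles."""
    sql = "SELECT post_urltitle FROM posts WHERE " + where + " ORDER BY post_urltitle"
    return [row[0] for row in conn.execute(sql, params)]


def fetch_vulnerable(conn, title):
    return _run(conn, build_where_vulnerable(title))


def fetch_quoted(conn, title):
    return _run(conn, build_where_quoted(title))


def fetch_parameterized(conn, title):
    """Driver-level alternative: placeholders keep data out of the SQL text."""
    where = "post_status = 'published'"
    params = []
    if title:
        where += " AND post_urltitle = ?"
        params.append(title)
    return _run(conn, where, params)


if __name__ == "__main__":
    conn = fresh_db()
    # The raw interpolation lets the tautology override the status filter and
    # leaks the draft; both fixed forms see the payload as a title that matches nothing.
    print("vulnerable    :", fetch_vulnerable(conn, PAYLOAD))
    print("quoted        :", fetch_quoted(conn, PAYLOAD))
    print("parameterized :", fetch_parameterized(conn, PAYLOAD))
    print("legit title   :", fetch_quoted(conn, "hello-world"))
```

Running the block prints the three-row leak for the vulnerable builder and empty results for the quoted and parameterized ones, while a genuine url title still resolves normally, which is the check the thread's "testing the SQL injection issue is fixed" refers to.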
Patrick (Hooked :)), Joined: 29 Jan 2004, Posts: 106
Posted: Thu Jan 06, 2005 16:14

This file is in the b2evocore folder.

s7uar7 (New Poster), Joined: 30 Sep 2003, Posts: 20, votes: 1
Posted: Sun Jan 09, 2005 12:39

I'm still using 0.8.7, and don't have that section in _class_itemlist.php - am I ok?

fplanque (Core Developer), Joined: 13 Jun 2003, Posts: 831, votes: 9
Posted: Mon Jan 10, 2005 7:19

I *think* 0.8.7 did not have any $title handling, so you *might* be okay. But there is no way I can guarantee anything about old releases like 0.8.7.

s7uar7 (New Poster), Joined: 30 Sep 2003, Posts: 20, votes: 1
Posted: Mon Jan 10, 2005 8:23

Ok, thanks François. I added the title handling myself, so I'll take the risk.

ravidgemole (New Poster), Joined: 20 Jan 2005, Posts: 1
Posted: Thu Jan 20, 2005 20:08    Post subject: 9.0.10

Greets - I just checked the relevant file for this bug and found it to exist. I am currently running v9.10.0.
_________________
At the end of the game the king and the pawn go back to the same box.

greenman (New Poster), Joined: 20 Apr 2005, Posts: 17
Posted: Wed Apr 20, 2005 11:18    Post subject: Not the most recent exploit

Note that this is not the most recent exploit. I'd patched this a while back, but was recently exploited - see my blog post about the exploit.

whoo (Taskmaster), Joined: 25 Dec 2004, Posts: 1294, votes: 19
Posted: Wed Apr 20, 2005 11:28

Providing your logs to François would be the thing to do. BUT, FYI, the screenshot you have of the b2evolution website having "lost its skin": I see that a lot here because the server seems to slow down and the stylesheet doesn't get rendered. Not seeing a particular style isn't an accurate indication of an exploit.
Like I said, sending an email to François with your Apache logs and as much other info as you can provide (times etc.) would certainly go further than one post here, as François will probably see his email before he comes here.
I won't even ask why you posted on your blog about this 3 days before your post here. I'll just assume you have already contacted François and leave well enough alone. Can't fix it if they don't know it's broke.
_________________
Do you use last.fm?
Try out my nifty badge generator!

greenman (New Poster), Joined: 20 Apr 2005, Posts: 17
Posted: Mon Apr 25, 2005 3:58

Hi whoo
I have been in contact with François, and he's sure there was no exploit of the actual b2evolution site, so it must just have been a style sheet issue, as you mention.

whoo (Big Sister), Joined: 25 Dec 2004, Posts: 1294, votes: 19
Posted: Mon Apr 25, 2005 6:13

Yeap greenman, I read his reply on your blog regarding this domain. I'm still not sure about what happened to your own blog, but that's not for me to wonder, I reckon.

grizly (New Poster), Joined: 28 Sep 2006, Posts: 1
Posted: Thu Sep 28, 2006 16:54    Post subject: conditions

Hello all. In my conditions I have to use the 0.8.7 release. What can I do in this case except updating b2evolution? Sorry if my question looks like the question of a stupid man. But I have to