yabbse security bug..

All off topic discussions go here. Everything from the funny thing your cat did to your favorite tv shows. Non-programming computer questions are ok too.
Post Reply
User avatar
df
Member
Member
Posts: 1076
Joined: Fri Oct 22, 2004 11:00 pm
Contact:
Contact df

yabbse security bug..

Post by df »

if anyone else on here is not aware, and runs yabbse, there is a secuity hole...

http://www.yabbse.org/community/index.p ... adid=17919

lucky I was online when the email came in...
apparently quite a few boards got hacked... ohwell...

hmm looks like it came out on jan24... yet i had no prior notification until 10 msgs today... how.. odd...
-- Stu --
Top
CESS.tk

Re:yabbse security bug..

Post by CESS.tk »

[weeble]how rare[/weeble]
Top
AGI1122

Re:yabbse security bug..

Post by AGI1122 »

This isn't that big of a security hole... I don't know how loading Packer.php is a security hole because it is a class... and classes can't be used from the url... and the class is only used by the code that is below is_admin(); which means it being loaded has no affect... I don't really think this is a security bug. :-\
Top
User avatar
df
Member
Member
Posts: 1076
Joined: Fri Oct 22, 2004 11:00 pm
Contact:
Contact df

Re:yabbse security bug..

Post by df »

according to the yabbse site some boards got owned, and tyhey must think its important enough to send out 12 odd emails... :/

shrugs. its fixed here anyway...
-- Stu --
Top
AGI1122

Re:yabbse security bug..

Post by AGI1122 »

Well I guess it is better to be safe than sorry. :)
Top
smartguy240

Re:yabbse security bug..

Post by smartguy240 »

df it wont load for me so could someone please inform me on what i should do?
Top
AGI1122

Re:yabbse security bug..

Post by AGI1122 »

After you follow the link, click refresh. ;)

Apparently there is a bug at the yabbse.org site...
Top
smartguy240

Re:yabbse security bug..

Post by smartguy240 »

ah ok thanks!
Top
Post Reply

Return to “General Ramblings”