Page 1 of 1
yabbse security bug..
Posted: Sun Feb 02, 2003 12:16 pm
by df
if anyone else on here is not aware, and runs yabbse, there is a secuity hole...
http://www.yabbse.org/community/index.p ... adid=17919
lucky I was online when the email came in...
apparently quite a few boards got hacked... ohwell...
hmm looks like it came out on jan24... yet i had no prior notification until 10 msgs today... how.. odd...
Re:yabbse security bug..
Posted: Sun Feb 02, 2003 1:16 pm
by CESS.tk
[weeble]how rare[/weeble]
Re:yabbse security bug..
Posted: Sun Feb 02, 2003 4:15 pm
by AGI1122
This isn't that big of a security hole... I don't know how loading Packer.php is a security hole because it is a class... and classes can't be used from the url... and the class is only used by the code that is below is_admin(); which means it being loaded has no affect... I don't really think this is a security bug. :-\
Re:yabbse security bug..
Posted: Sun Feb 02, 2003 5:32 pm
by df
according to the yabbse site some boards got owned, and tyhey must think its important enough to send out 12 odd emails... :/
shrugs. its fixed here anyway...
Re:yabbse security bug..
Posted: Sun Feb 02, 2003 5:55 pm
by AGI1122
Well I guess it is better to be safe than sorry.
Re:yabbse security bug..
Posted: Sun Feb 02, 2003 8:48 pm
by smartguy240
df it wont load for me so could someone please inform me on what i should do?
Re:yabbse security bug..
Posted: Sun Feb 02, 2003 8:49 pm
by AGI1122
After you follow the link, click refresh.
Apparently there is a bug at the yabbse.org site...
Re:yabbse security bug..
Posted: Sun Feb 02, 2003 8:54 pm
by smartguy240
ah ok thanks!