Jump to content


Welcome to DevFuse Forums


Sign In  Log in with Facebook

Create Account
Welcome to DevFuse Forums, like most online communities you must register to view or post in our community, but don't worry this is a simple free process that requires minimal information for you to signup. Be apart of DevFuse Forums by signing in or creating an account.
  • Start new topics and reply to others
  • Subscribe to topics and forums to get email updates
  • Get your own profile page and make new friends
  • Send personal messages to other members.
 
Guest Message by DevFuse

(View All Products)Featured Products

  • Donations


    Help fund your forum with donations, setup goals and track member donations. Offer rewards for members donating.
  • Timeslips


    Have your members submit their race times and share with others.
  • Videos


    Allows your members to submit their own videos for community viewing. Support is included for all the major video sites.
  • Forms


    Build your own forms for your members without coding experience. Support included for pm, email and topics.
  • Collections


    Build a community database of items for your members. Full features custom fields included.

Photo

IPB 2.x.x Security Update (04-25-06)


  • Please log in to reply
No replies to this topic

#1 Michael

Michael

    Management

  • Management
  • 3,543 posts
  • Gender:Male
  • IP.Board Version:IPB 3.4.x

Posted 25 April 2006 - 06:58 AM

This post outlines the steps required to update your IPB 2.0.x or IPB 2.1.x for this security update.
If you've downloaded IPB 2.1.5 since the time of this post, there is no need to update your installation as the main download has been updated.

It has come to our attention that Invision Power Board 2.0.x and Invision Power Board 2.1.x contains potential vulnerabilities:
  • A bug in Internet Explorer 5.0+ which allows a JPEG image to be uploaded with a GIF header containing malicious HTML / javascript code. (IPB 2.1.x only)
  • Potential SQL injection (limited to 32 characters)
  • Potential arbitrary PHP code execution
The attached files below contain the required files to update your installation to protect against these vulnerabilities. Simply download the relevant security update ZIP package and upload the files over the ones in your IPB installation effectively overwriting the files on your server.

Invision Power Board 2.1.x Update Package
http://forums.invisi...pe=post&id=9981

Invision Power Board 2.0.x Update Package
http://forums.invisi...pe=post&id=9980


Source: Click Here




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users