Jump to content


Welcome to DevFuse Forums


Sign In  Log in with Facebook

Create Account
Welcome to DevFuse Forums, like most online communities you must register to view or post in our community, but don't worry this is a simple free process that requires minimal information for you to signup. Be apart of DevFuse Forums by signing in or creating an account.
  • Start new topics and reply to others
  • Subscribe to topics and forums to get email updates
  • Get your own profile page and make new friends
  • Send personal messages to other members.
 
Guest Message by DevFuse

(View All Products)Featured Products

  • Donations


    Help fund your forum with donations, setup goals and track member donations. Offer rewards for members donating.
  • Timeslips


    Have your members submit their race times and share with others.
  • Videos


    Allows your members to submit their own videos for community viewing. Support is included for all the major video sites.
  • Forms


    Build your own forms for your members without coding experience. Support included for pm, email and topics.
  • Collections


    Build a community database of items for your members. Full features custom fields included.

Photo

IPB 2.1.x Security Update (06-06-19)


  • Please log in to reply
5 replies to this topic

#1 Michael

Michael

    Management

  • Management
  • 3,524 posts
  • Gender:Male
  • IP.Board Version:IPB 3.4.x

Posted 20 June 2006 - 09:33 AM

This post outlines the steps required to update your IPB 2.1.x or IPB 2.1.x for this security update.
If you've downloaded IPB 2.1.6 since the time of this post, there is no need to update your installation as the main download has been updated.


It has come to our attention that changes in how regular expressions are executed in PHP 5 versus PHP 4 leave Invision Power Board 2.1.x vulnerable via injecting HTML into a post via hexidecimal HTML entities.

This security update has a full version number of: 21012.60619.s.
Please read our KB article on how to locate your full version number.

Invision Power Board 2.1.6 Update Package (21012.60516 to 21012.60619)
If you are running a version previous to 2.1.6, please update to 2.1.6 by downloading the main download zip.
Once you've performed the update, visit your ACP and click the link under the "Security Update Available" link to reset the image check.
Download Now

Source: Click Here

#2 Guest_SAFC_*

Guest_SAFC_*
  • Guests

Posted 20 June 2006 - 06:32 PM

This patch is a nuisance, I cant overwrite my class_bbcode.php or my class_bbcode_core.php files as they have modification edits in them, so when I went to add the update manually I still couldn't as the code that's meant to be there for you to replace isn't there in my files. :huh:

I still haven't patched it...

#3 Michael

Michael

    Management

  • Management
  • 3,524 posts
  • Gender:Male
  • IP.Board Version:IPB 3.4.x

Posted 20 June 2006 - 06:32 PM

We have actually have had a unsuccessful hack attempt using the vulnerability that this patch fixes. Luckily the patch was already applied, and this security fix did the job, so defiantly advise you to patch your IPB ASAP.

SAFC, you might want to try uploading the 2 files, then redoing any mod edits over it.

#4 Guest_SAFC_*

Guest_SAFC_*
  • Guests

Posted 20 June 2006 - 06:34 PM

We have actually have had a unsuccessful hack attempt using the vulnerability that this patch fixes. Luckily the patch was already applied, and this security fix did the job, so defiantly advise you to patch your IPB ASAP.


That's great! :rolleyes: (see my above post)

#5 Michael

Michael

    Management

  • Management
  • 3,524 posts
  • Gender:Male
  • IP.Board Version:IPB 3.4.x

Posted 20 June 2006 - 06:36 PM

That's great! :rolleyes: (see my above post)

:lol: Sorry just missed it.

SAFC, you might want to try uploading the 2 files, then redoing any mod edits over it.



#6 Guest_SAFC_*

Guest_SAFC_*
  • Guests

Posted 20 June 2006 - 06:38 PM

I'm going to give it a go now.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users