Jump to content


Welcome to DevFuse Forums


Sign In  Log in with Facebook

Create Account
Welcome to DevFuse Forums, like most online communities you must register to view or post in our community, but don't worry this is a simple free process that requires minimal information for you to signup. Be apart of DevFuse Forums by signing in or creating an account.
  • Start new topics and reply to others
  • Subscribe to topics and forums to get email updates
  • Get your own profile page and make new friends
  • Send personal messages to other members.
 
Guest Message by DevFuse

(View All Products)Featured Products

  • Donations


    Help fund your forum with donations, setup goals and track member donations. Offer rewards for members donating.
  • Timeslips


    Have your members submit their race times and share with others.
  • Videos


    Allows your members to submit their own videos for community viewing. Support is included for all the major video sites.
  • Forms


    Build your own forms for your members without coding experience. Support included for pm, email and topics.
  • Collections


    Build a community database of items for your members. Full features custom fields included.

Photo

[IPS News]IPB 2.x.x Critical Security Update


  • Please log in to reply
No replies to this topic

#1 Michael

Michael

    Management

  • Management
  • 3,543 posts
  • Gender:Male
  • IP.Board Version:IPB 3.4.x

Posted 05 January 2006 - 05:25 AM

This announcement details the required steps to perform this security update to your IPB 2.1.4 or IPB 2.0.4 installation. If you have yet to upgrade to IPB 2.1.4 or IPB 2.0.4, do so before running this security update.

If you have downloaded IPB 2.1.4 or IPB 2.0.4 AFTER 11:15am GMT (6:15am EST) then you can disregard this notice as the main download zip has been updated.


It has come to our attention that a potential SQL exploit exists in all versions of IPB 2.x.x which can allow malicious SQL queries to be executed by forcing code into cookies. We received this report this morning and have closed this vulnerability, updated the main ZIP and released this patch.

Downloading the IPB 2.1.4 (01-05-06) Patch

Please make sure you're logged in to your client center. Once logged in, please visit this download page and download the patch.

Downloading the IPB 2.0.4 (01-05-06) Patch

Please make sure you're logged in to your client center. Once logged in, please visit this download page and download the patch.

Once the patch is downloaded to your harddrive, unzip and upload the patched files over the ones on your webserver. The directory structure has been preserved for your convenience.

There is no need to run the IPB upgrade system and no langauge or template files have been modified for this update.

This attached DIFF report will help you manually modify your files to complete this update.


Source: Click Here




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users