31
GIJOE
Re: Attn: phpBB users - php 4.3.10 Exploit found
  • 2004/12/23 20:07

  • GIJOE

  • Quite a regular

  • Posts: 265

  • Since: 2003/8/13


What ackbarr wrote is right, I think.

This hole is just a phpBB's specific bug. ( "/e" in preg_replace() )
PHP version and this hole are irrelevant.

The coding style of phpBB looks quite insecure.
Although this hole is patched in 2.0.11, attackers will crack phpBB via the other holes easily.

Of course, PHP <= 4.3.9 has a vulnerability with unseriarize() and newbb should be patched with such an old PHP.



32
GIJOE
Patches for newbb 1.0 and PHP <= 4.3.9
  • 2004/12/22 7:19

  • GIJOE

  • Quite a regular

  • Posts: 265

  • Since: 2003/8/13


As you know a vulnerablity about function unserialize() is found in PHP <= 4.3.9

This can cause some crackings via newbb 1.0, because newbb uses unserialize() against $_COOKIE.

This is the security patches.
If your server's PHP still <= 4.3.9 and you use newbb 1.0, patch this.

Although I don't know newbb2, it may be safe because newbb looks it does not store informations of last_read in COOKIE.

diff -rc newbb_old/index.php newbb/index.php
*** newbb_old/index.php    Fri Jan 30 08:28:30 2004
--- newbb/index.php    Wed Dec 22 16:16:09 2004
***************
*** 
75,81 ****
              continue;
          }
          
// Read 'lastread' cookie, if exists
!         $topic_lastread = !empty($HTTP_COOKIE_VARS['newbb_topic_lastread']) ? unserialize($HTTP_COOKIE_VARS['newbb_topic_lastread']) : array();
          foreach ( 
$forums as $forum_row ) {
              unset(
$last_post);
              if ( 
$forum_row['cat_id'] == $categories[$i]['cat_id'] ) {
--- 
75,93 ----
              continue;
          }
          
// Read 'lastread' cookie, if exists
!         //$topic_lastread = !empty($HTTP_COOKIE_VARS['newbb_topic_lastread']) ? unserialize($HTTP_COOKIE_VARS['newbb_topic_lastread']) : array();
!         // GIJ start
!         if( empty( $_COOKIE['newbb_topic_lastread'] ) ) $topic_lastread = array();
!         else {
!             
$topic_lastreadtmp explode',' $_COOKIE['newbb_topic_lastread'] ) ;
!             foreach( 
$topic_lastreadtmp as $tmp ) {
!                 
$idmin explode'|' $tmp ) ;
!                 
$id = empty( $idmin[0] ) ? intval$idmin[0] ) ;
!                 
$min = empty( $idmin[1] ) ? intval$idmin[1] ) ;
!                 
$topic_lastread$id ] = $min 60 ;
!             }
!         }
!         
// GIJ end
          
foreach ( $forums as $forum_row ) {
              unset(
$last_post);
              if ( 
$forum_row['cat_id'] == $categories[$i]['cat_id'] ) {
diff -rc newbb_old/post.php newbb/post.php
*** newbb_old/post.php    Fri Jan 30 08:28:30 2004
--- newbb/post.php    Wed Dec 22 16:11:54 2004
***************
*** 
45,50 ****
--- 
45,53 ----
      }
      
$forumdata $xoopsDB->fetchArray($result);
  
+     
// GIJ Patch
+     if( empty( $forumdata['allow_html'] ) ) $HTTP_POST_VARS['nohtml'] = ;

      if ( 
$forumdata['forum_type'] == ) {
      
// To get here, we have a logged-in user. So, check whether that user is allowed to view
      // this private forum.
diff -rc newbb_old/viewforum.php newbb/viewforum.php
*** newbb_old/viewforum.php    Wed Feb  4 00:58:48 2004
--- newbb/viewforum.php    Wed Dec 22 16:12:32 2004
***************
*** 
192,198 ****
  }
  
  
// Read topic 'lastread' times from cookie, if exists
$topic_lastread = !empty($HTTP_COOKIE_VARS['newbb_topic_lastread']) ? unserialize($HTTP_COOKIE_VARS['newbb_topic_lastread']) : array();
  while ( 
$myrow $xoopsDB->fetchArray($result) ) {
  
       if ( empty(
$myrow['last_poster']) ) {
--- 
192,210 ----
  }
  
  
// Read topic 'lastread' times from cookie, if exists
//$topic_lastread = !empty($HTTP_COOKIE_VARS['newbb_topic_lastread']) ? unserialize($HTTP_COOKIE_VARS['newbb_topic_lastread']) : array();
// GIJ start
! if( empty( $_COOKIE['newbb_topic_lastread'] ) ) $topic_lastread = array();
! else {
!     
$topic_lastreadtmp explode',' $_COOKIE['newbb_topic_lastread'] ) ;
!     foreach( 
$topic_lastreadtmp as $tmp ) {
!         
$idmin explode'|' $tmp ) ;
!         
$id = empty( $idmin[0] ) ? intval$idmin[0] ) ;
!         
$min = empty( $idmin[1] ) ? intval$idmin[1] ) ;
!         
$topic_lastread$id ] = $min 60 ;
!     }
! }
// GIJ end
  
while ( $myrow $xoopsDB->fetchArray($result) ) {
  
       if ( empty(
$myrow['last_poster']) ) {
diff -rc newbb_old/viewtopic.php newbb/viewtopic.php
*** newbb_old/viewtopic.php    Thu Feb  5 03:43:44 2004
--- newbb/viewtopic.php    Wed Dec 22 16:15:28 2004
***************
*** 
348,354 ****
  
$xoopsTpl->assign(array('forum_jumpbox' => make_jumpbox($forum), 'lang_forum_index' => sprintf(_MD_FORUMINDEX,$xoopsConfig['sitename']), 'lang_from' => _MD_FROM'lang_joined' => _MD_JOINED'lang_posts' => _MD_POSTS'lang_poster' => _MD_POSTER'lang_thread' => _MD_THREAD'lang_edit' => _EDIT'lang_delete' => _DELETE'lang_reply' => _REPLY'lang_postedon' => _MD_POSTEDON));
  
  
// Read in cookie of 'lastread' times
$topic_lastread = !empty($HTTP_COOKIE_VARS['newbb_topic_lastread']) ? unserialize($HTTP_COOKIE_VARS['newbb_topic_lastread']) : array();
  
// if cookie is not set for this topic, update view count and set cookie
  
if ( empty($topic_lastread[$topic_id]) ) {
      
$sql 'UPDATE '.$xoopsDB->prefix('bb_topics').' SET topic_views = topic_views + 1 WHERE topic_id ='$topic_id;
--- 
348,366 ----
  
$xoopsTpl->assign(array('forum_jumpbox' => make_jumpbox($forum), 'lang_forum_index' => sprintf(_MD_FORUMINDEX,$xoopsConfig['sitename']), 'lang_from' => _MD_FROM'lang_joined' => _MD_JOINED'lang_posts' => _MD_POSTS'lang_poster' => _MD_POSTER'lang_thread' => _MD_THREAD'lang_edit' => _EDIT'lang_delete' => _DELETE'lang_reply' => _REPLY'lang_postedon' => _MD_POSTEDON));
  
  
// Read in cookie of 'lastread' times
//$topic_lastread = !empty($HTTP_COOKIE_VARS['newbb_topic_lastread']) ? unserialize($HTTP_COOKIE_VARS['newbb_topic_lastread']) : array();
// GIJ eliminated unserialize
! if( empty( $_COOKIE['newbb_topic_lastread'] ) ) $topic_lastread = array();
! else {
!     
$topic_lastreadtmp explode',' $_COOKIE['newbb_topic_lastread'] ) ;
!     foreach( 
$topic_lastreadtmp as $tmp ) {
!         
$idmin explode'|' $tmp ) ;
!         
$id = empty( $idmin[0] ) ? intval$idmin[0] ) ;
!         
$min = empty( $idmin[1] ) ? intval$idmin[1] ) ;
!         
$topic_lastread$id ] = $min 60 ;
!     }
! }
// GIJ end
  // if cookie is not set for this topic, update view count and set cookie
  
if ( empty($topic_lastread[$topic_id]) ) {
      
$sql 'UPDATE '.$xoopsDB->prefix('bb_topics').' SET topic_views = topic_views + 1 WHERE topic_id ='$topic_id;
***************
*** 
356,362 ****
  }
  
// Update cookie
  // FIXME: doesn't check if 4kB limit of cookie is exceeded!
$topic_lastread[$topic_id] = time();
setcookie("newbb_topic_lastread"serialize($topic_lastread), time()+365*24*3600$bbCookie['path'], $bbCookie['domain'], $bbCookie['secure']);
  include 
XOOPS_ROOT_PATH.'/footer.php';
  
?>
--- 368,389 ----
  }
  // Update cookie
  // FIXME: doesn't check if 4kB limit of cookie is exceeded!
! // GIJ Patch begin
! //$topic_lastread[$topic_id] = time();
! //setcookie("newbb_topic_lastread", serialize($topic_lastread), time()+365*24*3600, $bbCookie['path'], $bbCookie['domain'], $bbCookie['secure']);
! $topic_lastread[$topic_id] = intval( ceil( time() / 60 ) ) ;

! arsort($topic_lastread);

! $counter = 300 ;
! $str4cookie = '' ;
! foreach( $topic_lastread as $id => $time ) {
!     $str4cookie .= intval( $id ) . '|' . intval( $time ) . ',' ;
!     if( -- $counter < 0 ) break ;
! }
! $str4cookie = substr( $str4cookie , 0 , -1 ) ;

! setcookie("newbb_topic_lastread", $str4cookie , time()+365*24*3600, $bbCookie['path'], $bbCookie['domain'], $bbCookie['secure']);
! // GIJ Patch end
  include XOOPS_ROOT_PATH.'/footer.php';
  ?>



33
GIJOE
Re: "Failed to execute xoops_module_install_myalbum"
  • 2004/12/9 20:51

  • GIJOE

  • Quite a regular

  • Posts: 265

  • Since: 2003/8/13


Perhaps, it's a little bug.
(thanks for your reporting)

And, don't worry about that.

The codes of xoops_module_install_myalbum() is:

- turn the admin's permissions on

So, all you have to do is turning the permissions manually in myAlbum-P's admin.



34
GIJOE
Re: P-Myalbum - help me!
  • 2004/11/29 20:07

  • GIJOE

  • Quite a regular

  • Posts: 265

  • Since: 2003/8/13


- go to system admin -> preferences -> general
- change "Default template set" as "default"

And Don't forget updating myAlbum-P in modules admin.



35
GIJOE
Re: P-Myalbum - help me!
  • 2004/11/29 4:41

  • GIJOE

  • Quite a regular

  • Posts: 265

  • Since: 2003/8/13


Perhaps, it's an issue of templates.
Try default templates set.



36
GIJOE
Re: XHLD - Incorrectly formatted feed?
  • 2004/11/24 10:21

  • GIJOE

  • Quite a regular

  • Posts: 265

  • Since: 2003/8/13


Quote:
Have you clicked the link?

You can see no xml.
It's obviously a problem of the site.



37
GIJOE
Re: piCal: Removing the allday-option?
  • 2004/11/22 19:24

  • GIJOE

  • Quite a regular

  • Posts: 265

  • Since: 2003/8/13





38
GIJOE
Re: Headlines
  • 2004/11/22 19:22

  • GIJOE

  • Quite a regular

  • Posts: 265

  • Since: 2003/8/13


Quote:

I now get the RSS feeds that I want, although some of them do some wierd stuff like the BBC - I ask for 5 feeds in the main page, it gives me about 20, but only descriptions for 5 ??????

If you want to display as old style, set it in preferences.
And the total of recent headlines -new style- can also be changed in preferences.

Quote:
AND for some reason it does NOT appear to work with WF-Channel, for some reason this does not display any more?

I've never used WF series and I can't understand what you mean.

If it shows blank page, turn "php debug" on.

At least, xhld is a gentle module and it observes the minimum rules as a XOOPS module, I believe.



39
GIJOE
Re: pical how do I make holidy event?
  • 2004/11/22 10:18

  • GIJOE

  • Quite a regular

  • Posts: 265

  • Since: 2003/8/13


hi fredriksk.

edit language/(your_language)/pical_vars.phtml



40
GIJOE
Re: Simple blog with picture gallery.
  • 2004/11/22 10:16

  • GIJOE

  • Quite a regular

  • Posts: 265

  • Since: 2003/8/13


hi surpass.

Do you want to use myAlbum-P's Image Manager Integration with SPAW?

I heard that wordpress's SPAW supports myAlbum-P's image.

Anyway, I know that the implementation of ImageManagerIntegration into WYSIWYG editor is necessary.
But it is not so easy.




TopTop
« 1 2 3 (4) 5 6 7 ... 21 »



Login

Username:
Password:

Lost Password? Register now!

Who's Online

72 user(s) are online (45 user(s) are browsing Support Forums)


Members: 0


Guests: 72


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: May 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits