Support Forums - All Posts - XOOPS Web Application System

31

Re: Attn: phpBB users - php 4.3.10 Exploit found

2004/12/23 20:07
GIJOE
Quite a regular
Posts: 265
Since: 2003/8/13

What ackbarr wrote is right, I think.

This hole is just a phpBB's specific bug. ( "/e" in preg_replace() )
PHP version and this hole are irrelevant.

The coding style of phpBB looks quite insecure.
Although this hole is patched in 2.0.11, attackers will crack phpBB via the other holes easily.

Of course, PHP <= 4.3.9 has a vulnerability with unseriarize() and newbb should be patched with such an old PHP.

32

Patches for newbb 1.0 and PHP <= 4.3.9

2004/12/22 7:19
GIJOE
Quite a regular
Posts: 265
Since: 2003/8/13

As you know a vulnerablity about function unserialize() is found in PHP <= 4.3.9

This can cause some crackings via newbb 1.0, because newbb uses unserialize() against $_COOKIE.

This is the security patches.
If your server's PHP still <= 4.3.9 and you use newbb 1.0, patch this.

Although I don't know newbb2, it may be safe because newbb looks it does not store informations of last_read in COOKIE.


diff -rc newbb_old/index.php newbb/index.php

*** newbb_old/index.php    Fri Jan 30 08:28:30 2004

--- newbb/index.php    Wed Dec 22 16:16:09 2004

***************

*** 75,81 ****

              continue;

          }

          // Read 'lastread' cookie, if exists

!         $topic_lastread = !empty($HTTP_COOKIE_VARS['newbb_topic_lastread']) ? unserialize($HTTP_COOKIE_VARS['newbb_topic_lastread']) : array();

          foreach ( $forums as $forum_row ) {

              unset($last_post);

              if ( $forum_row['cat_id'] == $categories[$i]['cat_id'] ) {

--- 75,93 ----

              continue;

          }

          // Read 'lastread' cookie, if exists

!         //$topic_lastread = !empty($HTTP_COOKIE_VARS['newbb_topic_lastread']) ? unserialize($HTTP_COOKIE_VARS['newbb_topic_lastread']) : array();

!         // GIJ start

!         if( empty( $_COOKIE['newbb_topic_lastread'] ) ) $topic_lastread = array();

!         else {

!             $topic_lastreadtmp = explode( ',' , $_COOKIE['newbb_topic_lastread'] ) ;

!             foreach( $topic_lastreadtmp as $tmp ) {

!                 $idmin = explode( '|' , $tmp ) ;

!                 $id = empty( $idmin[0] ) ? 0 : intval( $idmin[0] ) ;

!                 $min = empty( $idmin[1] ) ? 0 : intval( $idmin[1] ) ;

!                 $topic_lastread[ $id ] = $min * 60 ;

!             }

!         }

!         // GIJ end

          foreach ( $forums as $forum_row ) {

              unset($last_post);

              if ( $forum_row['cat_id'] == $categories[$i]['cat_id'] ) {

diff -rc newbb_old/post.php newbb/post.php

*** newbb_old/post.php    Fri Jan 30 08:28:30 2004

--- newbb/post.php    Wed Dec 22 16:11:54 2004

***************

*** 45,50 ****

--- 45,53 ----

      }

      $forumdata = $xoopsDB->fetchArray($result);

  

+     // GIJ Patch

+     if( empty( $forumdata['allow_html'] ) ) $HTTP_POST_VARS['nohtml'] = 1 ;

+ 

      if ( $forumdata['forum_type'] == 1 ) {

      // To get here, we have a logged-in user. So, check whether that user is allowed to view

      // this private forum.

diff -rc newbb_old/viewforum.php newbb/viewforum.php

*** newbb_old/viewforum.php    Wed Feb  4 00:58:48 2004

--- newbb/viewforum.php    Wed Dec 22 16:12:32 2004

***************

*** 192,198 ****

  }

  

  // Read topic 'lastread' times from cookie, if exists

! $topic_lastread = !empty($HTTP_COOKIE_VARS['newbb_topic_lastread']) ? unserialize($HTTP_COOKIE_VARS['newbb_topic_lastread']) : array();

  while ( $myrow = $xoopsDB->fetchArray($result) ) {

  

       if ( empty($myrow['last_poster']) ) {

--- 192,210 ----

  }

  

  // Read topic 'lastread' times from cookie, if exists

! //$topic_lastread = !empty($HTTP_COOKIE_VARS['newbb_topic_lastread']) ? unserialize($HTTP_COOKIE_VARS['newbb_topic_lastread']) : array();

! // GIJ start

! if( empty( $_COOKIE['newbb_topic_lastread'] ) ) $topic_lastread = array();

! else {

!     $topic_lastreadtmp = explode( ',' , $_COOKIE['newbb_topic_lastread'] ) ;

!     foreach( $topic_lastreadtmp as $tmp ) {

!         $idmin = explode( '|' , $tmp ) ;

!         $id = empty( $idmin[0] ) ? 0 : intval( $idmin[0] ) ;

!         $min = empty( $idmin[1] ) ? 0 : intval( $idmin[1] ) ;

!         $topic_lastread[ $id ] = $min * 60 ;

!     }

! }

! // GIJ end

  while ( $myrow = $xoopsDB->fetchArray($result) ) {

  

       if ( empty($myrow['last_poster']) ) {

diff -rc newbb_old/viewtopic.php newbb/viewtopic.php

*** newbb_old/viewtopic.php    Thu Feb  5 03:43:44 2004

--- newbb/viewtopic.php    Wed Dec 22 16:15:28 2004

***************

*** 348,354 ****

  $xoopsTpl->assign(array('forum_jumpbox' => make_jumpbox($forum), 'lang_forum_index' => sprintf(_MD_FORUMINDEX,$xoopsConfig['sitename']), 'lang_from' => _MD_FROM, 'lang_joined' => _MD_JOINED, 'lang_posts' => _MD_POSTS, 'lang_poster' => _MD_POSTER, 'lang_thread' => _MD_THREAD, 'lang_edit' => _EDIT, 'lang_delete' => _DELETE, 'lang_reply' => _REPLY, 'lang_postedon' => _MD_POSTEDON));

  

  // Read in cookie of 'lastread' times

! $topic_lastread = !empty($HTTP_COOKIE_VARS['newbb_topic_lastread']) ? unserialize($HTTP_COOKIE_VARS['newbb_topic_lastread']) : array();

  // if cookie is not set for this topic, update view count and set cookie

  if ( empty($topic_lastread[$topic_id]) ) {

      $sql = 'UPDATE '.$xoopsDB->prefix('bb_topics').' SET topic_views = topic_views + 1 WHERE topic_id ='. $topic_id;

--- 348,366 ----

  $xoopsTpl->assign(array('forum_jumpbox' => make_jumpbox($forum), 'lang_forum_index' => sprintf(_MD_FORUMINDEX,$xoopsConfig['sitename']), 'lang_from' => _MD_FROM, 'lang_joined' => _MD_JOINED, 'lang_posts' => _MD_POSTS, 'lang_poster' => _MD_POSTER, 'lang_thread' => _MD_THREAD, 'lang_edit' => _EDIT, 'lang_delete' => _DELETE, 'lang_reply' => _REPLY, 'lang_postedon' => _MD_POSTEDON));

  

  // Read in cookie of 'lastread' times

! //$topic_lastread = !empty($HTTP_COOKIE_VARS['newbb_topic_lastread']) ? unserialize($HTTP_COOKIE_VARS['newbb_topic_lastread']) : array();

! // GIJ eliminated unserialize

! if( empty( $_COOKIE['newbb_topic_lastread'] ) ) $topic_lastread = array();

! else {

!     $topic_lastreadtmp = explode( ',' , $_COOKIE['newbb_topic_lastread'] ) ;

!     foreach( $topic_lastreadtmp as $tmp ) {

!         $idmin = explode( '|' , $tmp ) ;

!         $id = empty( $idmin[0] ) ? 0 : intval( $idmin[0] ) ;

!         $min = empty( $idmin[1] ) ? 0 : intval( $idmin[1] ) ;

!         $topic_lastread[ $id ] = $min * 60 ;

!     }

! }

! // GIJ end

  // if cookie is not set for this topic, update view count and set cookie

  if ( empty($topic_lastread[$topic_id]) ) {

      $sql = 'UPDATE '.$xoopsDB->prefix('bb_topics').' SET topic_views = topic_views + 1 WHERE topic_id ='. $topic_id;

***************

*** 356,362 ****

  }

  // Update cookie

  // FIXME: doesn't check if 4kB limit of cookie is exceeded!

! $topic_lastread[$topic_id] = time();

! setcookie("newbb_topic_lastread", serialize($topic_lastread), time()+365*24*3600, $bbCookie['path'], $bbCookie['domain'], $bbCookie['secure']);

  include XOOPS_ROOT_PATH.'/footer.php';

  ?>

--- 368,389 ----

  }

  // Update cookie

  // FIXME: doesn't check if 4kB limit of cookie is exceeded!

! // GIJ Patch begin

! //$topic_lastread[$topic_id] = time();

! //setcookie("newbb_topic_lastread", serialize($topic_lastread), time()+365*24*3600, $bbCookie['path'], $bbCookie['domain'], $bbCookie['secure']);

! $topic_lastread[$topic_id] = intval( ceil( time() / 60 ) ) ;

! 

! arsort($topic_lastread);

! 

! $counter = 300 ;

! $str4cookie = '' ;

! foreach( $topic_lastread as $id => $time ) {

!     $str4cookie .= intval( $id ) . '|' . intval( $time ) . ',' ;

!     if( -- $counter < 0 ) break ;

! }

! $str4cookie = substr( $str4cookie , 0 , -1 ) ;

! 

! setcookie("newbb_topic_lastread", $str4cookie , time()+365*24*3600, $bbCookie['path'], $bbCookie['domain'], $bbCookie['secure']);

! // GIJ Patch end

  include XOOPS_ROOT_PATH.'/footer.php';

  ?>

33

Re: "Failed to execute xoops_module_install_myalbum"

2004/12/9 20:51
GIJOE
Quite a regular
Posts: 265
Since: 2003/8/13

Perhaps, it's a little bug.
(thanks for your reporting)

And, don't worry about that.

The codes of xoops_module_install_myalbum() is:

- turn the admin's permissions on

So, all you have to do is turning the permissions manually in myAlbum-P's admin.

34

Re: P-Myalbum - help me!

2004/11/29 20:07
GIJOE
Quite a regular
Posts: 265
Since: 2003/8/13

- go to system admin -> preferences -> general
- change "Default template set" as "default"

And Don't forget updating myAlbum-P in modules admin.

35

Re: P-Myalbum - help me!

2004/11/29 4:41
GIJOE
Quite a regular
Posts: 265
Since: 2003/8/13

Perhaps, it's an issue of templates.
Try default templates set.

36

Re: XHLD - Incorrectly formatted feed?

2004/11/24 10:21
GIJOE
Quite a regular
Posts: 265
Since: 2003/8/13

Quote:

dadruid wrote:
http://www.smirkingchimp.com/backend.php

Have you clicked the link?

You can see no xml.
It's obviously a problem of the site.

37

Re: piCal: Removing the allday-option?

2004/11/22 19:24
GIJOE
Quite a regular
Posts: 265
Since: 2003/8/13

hi Kasch.

it needs a hack.

see this:
http://www.peak.ne.jp/xoops/modules/xhnewbb/viewtopic.php?topic_id=299&forum=1&post_id=1186#forumpost1186

http://www.peak.ne.jp/xoops/modules/xhnewbb/viewtopic.php?topic_id=315&forum=1&post_id=1218#forumpost1218

Good luck!

38

Re: Headlines

2004/11/22 19:22
GIJOE
Quite a regular
Posts: 265
Since: 2003/8/13

Quote:

I now get the RSS feeds that I want, although some of them do some wierd stuff like the BBC - I ask for 5 feeds in the main page, it gives me about 20, but only descriptions for 5 ??????

If you want to display as old style, set it in preferences.
And the total of recent headlines -new style- can also be changed in preferences.

Quote:

AND for some reason it does NOT appear to work with WF-Channel, for some reason this does not display any more?

I've never used WF series and I can't understand what you mean.

If it shows blank page, turn "php debug" on.

At least, xhld is a gentle module and it observes the minimum rules as a XOOPS module, I believe.

39

Re: pical how do I make holidy event?

2004/11/22 10:18
GIJOE
Quite a regular
Posts: 265
Since: 2003/8/13

hi fredriksk.

edit language/(your_language)/pical_vars.phtml

40

Re: Simple blog with picture gallery.

2004/11/22 10:16
GIJOE
Quite a regular
Posts: 265
Since: 2003/8/13

hi surpass.

Do you want to use myAlbum-P's Image Manager Integration with SPAW?

I heard that wordpress's SPAW supports myAlbum-P's image.

Anyway, I know that the implementation of ImageManagerIntegration into WYSIWYG editor is necessary.
But it is not so easy.

Stats
Goal:	$100.00
Due Date:	Apr 30
Gross Amount:	$0.00
Net Balance:	$0.00
Left to go:	$100.00

Forum Index

Re: Attn: phpBB users - php 4.3.10 Exploit found

Patches for newbb 1.0 and PHP <= 4.3.9

Re: "Failed to execute xoops_module_install_myalbum"

Re: P-Myalbum - help me!

Re: P-Myalbum - help me!

Re: XHLD - Incorrectly formatted feed?

Re: piCal: Removing the allday-option?

Re: Headlines

Re: pical how do I make holidy event?

Re: Simple blog with picture gallery.

Login

Search

Recent Posts

Re: Rebuilding and Updating a 20 years old Xoops Website from 2.0.18? to 2.5.11

Rebuilding and Updating a 20 years old Xoops Website from 2.0.18? to 2.5.11

Re: NewBB v 5.1.0 b 6

Re: NewBB v 5.1.0 b 6

NewBB v 5.1.0 b 6

Re: XOOPS 2.5.11 search user is not working

Re: oledrion

Re: oledrion

Re: oledrion

Re: oledrion

Who's Online

Donat-O-Meter

Latest GitHub Commits

{{ record.sha.slice(0, 7) }} - {{ record.commit.message | truncate }}