xoops forums

Forum Index


Board index » All Posts (A-dog)




A-dog

Just popping in
Posted on: 2003/12/12 2:18
A-dog
A-dog (Show more)
Just popping in
Posts: 19
Since: 2002/1/25
#1

Re: Security Focus shows Xoops flaws - is 1.3.10 safe?

I realize there is a fix for the latest version.. but I'm not upgrading to RC2.0 because I'm using a very modified custom theme with 1.3.10

http://www.secunia.com/advisories/8672/

this site warns of an old bug, but my question was, is 1.3.10 still affected, and if so, or was it fixed in the 4/26 update? If not, can't devs provide an upgrade for this 1.3.10 since many people still don't use RC2.0 and beyond due to the new theme system..?

I've got a hacker telling me that he is doing something to cause a Buffer Overflow and its letting him into my server.
I think it has something to do with a form being insecure in some way. Help appreciated.


A-dog

Just popping in
Posted on: 2003/12/10 23:18
A-dog
A-dog (Show more)
Just popping in
Posts: 19
Since: 2002/1/25
#2

Security Focus shows Xoops flaws - is 1.3.10 safe?

I noticed at the website http://www.securityfocus.com
if you do a search for XOOPS it returns many of the fixes
we've seen lately.. well I've not been around here much lately but I was wondering if any of the devs can tell me if 1.3.10 is safe from cross-scripting attacks as found in recent times? I know that version contained many fixes of the sort but what about recent discoveries? I've had my front page replaced recently by hackers but they're cooperating with help..as any good hacker would. Thank God.

LMK!
A-Dog


A-dog

Just popping in
Posted on: 2002/9/11 17:55
A-dog
A-dog (Show more)
Just popping in
Posts: 19
Since: 2002/1/25
#3

Re: Xoops doesn't like ZoneAlarm Pro

Any word from the developers whether or not a fix will come from this situation?


A-dog

Just popping in
Posted on: 2002/9/6 16:52
A-dog
A-dog (Show more)
Just popping in
Posts: 19
Since: 2002/1/25
#4

Re: Xoops doesn't like ZoneAlarm Pro

I have Zone Alarm Pro and I don't have any problems getting into this site or my own or any others. However I still have the Register.php problem..no server found error...then when I reload a few times, it finally loads. Its gotta be an IE6 bug. But I seem to be one of very few that get this error. Anyways, I have Zone Alarm set to High Security for Internet Zone and Medium Security for my Trusted Zone. These settings should work for you in addition to any 3rd party cookie settings you adjust in windows. If windows cookie security settings need to be adjusted for any site to work, then XOOPS needs a fix for this.


A-dog

Just popping in
Posted on: 2002/2/27 11:20
A-dog
A-dog (Show more)
Just popping in
Posts: 19
Since: 2002/1/25
#5

Re: Hacked the REF Hack :o)

really sweet. man thats nice. Just installed it. Thanks for the cleanup.
I really enjoyed playing with this one.. headers look great..the SE's will really do their jobs with these keywords...



TopTop