XOOPS 
Forum
Forum Index General Forums Community Support Modules Support Themes Support Development International Support Module Hack Reviews Theme Designer Talk
  1. Board index / 
  2. Xoops Development / 
  3. Xoops Bug Reports 
  4.  / Is XOOPS/newBB safe for php's unserialize() bug?
Register
1
wmostrey
Is XOOPS/newBB safe for php's unserialize() bug?

  • 2004/12/21 15:25

  • wmostrey

  • Just popping in

  • Posts: 19

  • Since: 2004/8/10


Do I need to upgrade my PHP on each of the servers running XOOPS/newBB or don't they use unserialize()? It's a flaw within the function unserialize() that is rated as very critical for millions of PHP servers, because it is exposed to remote attackers through lots of very popular webapplications. The list includes forum software like phpBB2, WBB2, Invision Board and vBulletin.
2
m0nty
Re: Is XOOPS/newBB safe for php

  • 2004/12/21 15:30

  • m0nty

  • XOOPS is my life!

  • Posts: 3337

  • Since: 2003/10/24


it would be wise for ur host to update their php versions & zend optimizer..

it's not just a vulnerability with unserialize(), there's also vulnerabilities with other functions too, such as pack() and unpack() etc..

as u may think, other modules may use those functions aswell & not just the ones mentioned..

Login

Register now!  |  Lost Password?

Search

Advanced Search

Recent Posts

Who's Online

347 user(s) are online (241 user(s) are browsing Support Forums)

Members: 0

Guests: 347

more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits