Security

Protector Security Fix for XOOPS 2.0.x and 2.2.x users

Mamba  28-Nov-2008 14:13 8551 Reads  14
Security is always the highest priority for XOOPS, and therefore we are releasing Security Updates as soon as we find a viable solution.

This is a temporary quick fix for Protector module, addressing potential local file inclusion vulnerability reported by DSRG. We hope that GIJOE, the author of Protector, will address this issue in future releases.

It is included in XOOPS 2.3.2a Security release, but if you're using Protector on XOOPS 2.0.x or 2.2.x, and your XOOPS_TRUST_PATH is located inside the Root, you are advised to upgrade to the version included in this package.

If your XOOPS_TRUST_PATH is outside of the Root (as you should!), you're not affected by this vulnerability.

For more information on how to make your XOOPS installation more secure, please read this article

Download the fix here

XOOPS Development Team
November 28th, 2008

Rating 0/5
Rating: 0/5 (0 votes)
Votes are disable!
Print article


Login

Username:
Password:

Lost Password? Register now!

Who's Online

55 user(s) are online (2 user(s) are browsing Publisher)


Members: 0


Guests: 55


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: May 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits

Categories