Security

Security Patch for XOOPS 2.3.3

Mamba  20-Aug-2009 13:17 11246 Reads   21 Comment(s) 
As discussed previously in forums, there are potential vulnerabilities identified in:

a) PM
b) Protector

modules.

While (a) is addressed by having Protector installed, and (b) is addressed by having "register_globals" disabled and having XOOPS_TRUST_PATH outside of the Document Root, we've addressed the issues in XOOPS 2.4.

However, since we don't know when exactly we'll release XOOPS 2.4, we're releasing this Security Patch for XOOPS 2.3.3 users.

Download: SourceForge XOOPS.

Installation: See the ReadMe.txt file

You are highly encouraged to implement the patch to your existing XOOPS 2.3.3 system.

Special thanks to Trabis, who addressed these issues.

Rating 0/5
Rating: 0/5 (0 votes)
Voting is disabled!


Login

Who's Online

190 user(s) are online (2 user(s) are browsing Publisher)


Members: 0


Guests: 190


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Mar 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits

Categories