Hola amigos, desde phpBB.com nos informan de una nueva versión de los foros que soluciona muchos de los problemas de seguridad encontrados, sobre todo con versiones de PHP 4.3.10
Cambios y mejoras introducidas
- Added confirm table to admin_db_utilities.php
- Prevented full path display on critical messages
- Fixed full path disclosure in username handling caused by a PHP 4.3.10 bug – AnthraX101
- Added exclude list to unsetting globals (if register_globals is on) – SpoofedExistence
- Fixed arbitrary file disclosure vulnerability in avatar handling functions – AnthraX101
- Fixed arbitrary file unlink vulnerability in avatar handling functions –AnthraX101
- Removed version number from powered by line
- Merged database update files to update_to_latest.php file
- Fixed path disclosure bug in search.php caused by a PHP 4.3.10 bug (related to AnthraX101’s discovery)
- Fixed path disclosure bug in viewtopic.php caused by a PHP 4.3.10 bug – matrix_killer
toda la información aquí >>>>>>
A parchear amigos/as
A parchear amigos/as
Saludos, Dabo