The AnimeFanlistings Network Message Board
Fanlisting Management => Fanlistings Chit-Chat => Topic started by: Mura on May 01, 2006, 09:07:47 PM
-
There's a new security fix available for users of PHPfanbase. See the post at TFL (http://\"http://board.thefanlistings.org/index.php?showtopic=55378&st=0\") and the announcement at CodeGrrl (http://\"http://www.codegrrl.com/forums/index.php?showtopic=12851\") for more information. :/
EDIT:
This fixes issues that had not been found (and therefore were not dealt with) in the fix that was posted late last year.
-
The join forms have been acting wonky as of late. Thanks to the security fix, they're working again.
Thanks for posting this, Mura! :/
-
good, I updated my remaining PHPFB listings still not converted ^^;; and my hostees' too.
thanks Mura :flower:
-
Thanks for the heads up! *will be doing some re-uploading soon*
-
Thanks for posting this~
2 out of 25 done ^^;;
-
Thanks!!
-
I don't know if it belongs here, but I thought I'd post this. Several of my hostees use PHPFanbase, but even with a slight fix (that I don't know if it worked) there where problems. If your hosted on Surpass, please be avise that they're no longing allow PHPFanbase and probably other codegrrl scripts. As I said in Downtime & Hosting Trouble, here is what I was told because of Beautiful-beast.net suspension.
Kellie,
There were multiple installs of a codegrrl script located on this account. Due to the insecurities of this script, it is no longer allowed to be hosted on our network.
---
http://secunia.com/advisories/17542/ (http://\"http://secunia.com/advisories/17542/\")
---
Because of this script, IRC bots and php shells were uploaded to your account. I have removed as many of the files as I can, however there could be more left on the account. In order for us to unsuspend your account we need to you to agree to the following:
1) Remove all install of the codegrrl script
2) Look over folders for any suspicious files
If you agree to the above, I will unsuspend your account, and then check your account to ensure that everything is currently secure. Also, what other scripts (and versions please) do you run on your account? This will allow me to audit your account for security and secure both the server and your data remain protected.
I will be awaiting your reply.
Regards,
-Ray F.
Surpass Hosting Abuse/Security Team
I thought I'd let everyone know.
-
Thanks for the heads up, Neon. I guess this is a sign that I will be converting to Enth in the very near future. >_>
-
Hmm...Personally I still like the feel that Fanbase gives. (Members List/Admin CP wise) So I guess I'll just have to pray really hard for a new release! :D