 |
|
|
|
|
|
|
|
|
|
|||||||
 |
|
|
Thread Tools | Search this Thread | Rate Thread | Display Modes |
2005-07-04, 11:24 PM
|
#1 |
|
Shut up brain, or I'll stab you with a Q-tip!
Join Date: Aug 2003
Posts: 114
|
Security advisories for phpAdsNew & blogging software
I saw this advisory linked over on Slashdot for vulenabilities in php xml-rpc libraries used in a lot of blogging packages:
http://news.netcraft.com/archives/20..._exploits.html The xml-rpc library in phpAdsNew is also vulnerable: http://phpadsnew.com/two/nucleus/index.php The good news is that you can protect phpAdsNew right now by simply deleting or moving a single file if you don't feel comfortable installing the upgrade on your own. |
|
|
|
2005-07-05, 09:20 AM
|
#2 |
|
Operator! Give me the number for 911!
Join Date: Jun 2004
Location: Washington DC
Posts: 138
|
Thanks for the heads up.
If you are using WordPress, you need to upgrade to the 1.5.1.3. immediately. It is the only version that is not vulnerable. http://wordpress.org/support/topic/38263 |
|
|
|
|
2005-07-05, 11:43 AM
|
#3 |
|
Certified Nice Person
Join Date: Oct 2003
Location: Dirty Undies, NY
Posts: 11,268
 |
I just upgraded my phpadsnew this morning, yet I still feel vulnerable, but in an emotional sense, not a server security sense.
__________________
Click here to purchase a bridge I'm selling. |
|
|
|
|
2005-07-05, 02:40 PM
|
#4 |
|
You can now put whatever you want in this space :)
Join Date: Sep 2004
Location: Toronto, Canada
Posts: 6,244
|
Thanks UW for the info!
Do you just have to replace that file or all files when you upgrade to the new version? ---art |
|
|
|
|
2005-07-05, 02:49 PM
|
#5 | |
|
Certified Nice Person
Join Date: Oct 2003
Location: Dirty Undies, NY
Posts: 11,268
|
Quote:
 Your best bet is to just upgrade to the newest stable package. Download the new version. Untar or unzip it, back-up your old config.inc.php. Upload the new package to your server allowing it to overwrite all of the old files. Upload the old config.inc.php, which will overwrite the new one you just uploaded. Chmod that config.inc.php to 777. Log in to your phpadsnew control panel and proceed from there. It's quick and painless, just a couple of clicks. When it's complete (like 15-30 seconds later), chmod the config.inc.php back to 644. You're done.
__________________
Click here to purchase a bridge I'm selling. |
|
|
|
|
|
2005-07-05, 03:08 PM
|
#6 | |
|
You can now put whatever you want in this space :)
Join Date: Sep 2004
Location: Toronto, Canada
Posts: 6,244
|
Quote:
|
|
|
|
|
|
2005-07-05, 08:18 PM
|
#7 |
|
Whoo! 9/10 the way to buddy plays in "The Christ from Oz"!
Join Date: Aug 2003
Location: Australia
Posts: 921
|
I did the upgrade on phpadsnew and it wasnt hard.. just the db backups I did first were HUGE. hehe the server even locked me out of phpmyadmin for a few minutes lol. I had been putting it off till I read this so thanks guys for pulling my finger out
 |
|
|
|
|
|
|
Linear Mode
