Discuss all about IP.Board 2.2.x Security Update

Discuss IP.Board 2.2.x Security Update at Bulletin Board News, All the latest information from vBulletin, Invision Power Board and phpBB, all put together in some forum for your joy and pleasure. Up to the minute news about the from The Staff Lounge, Your vBulletin Resource. We'.



Go Back - Forums
The Staff Lounge Navigation - TSL Community Forums Navigation - TSL Bulletin Board News IP.Board 2.2.x Security Update
Private Messages Welcome to Your vBulletin Resource
Welcome Back Improve Your Community Today

Post New Thread  Reply
 
LinkBack Thread Tools Thread Tools Feed Icon
  #1  
Old 06-16-2007, 04:08 AM
IPB News
TSL Fixated
  
Post Count Posts: 87
Icon5 IP.Board 2.2.x Security Update
permalink
Up to the minute news about the from The Staff Lounge, Your vBulletin Resource. We'll find the latest news so you can chat about here.
Quote:
We have been notified that a vulnerability exists in the profile updating functions of IP.Board 2.2.0 - IP.Board 2.2.2.

Although the vulnerability cannot change any authentication credentials such as the email address or password and the vulnerability cannot be used to craft XSS (cross site scripting) attacks it can be used to cause a nuisance by updating another user's AIM name, Yahoo! identity, et. cetera.

The update (attached) is a single file update to "sources/action_public/xmlout.php". Manual patch instructions are also supplied.

The main download zip has been updated at the time of this announcement.

We would like to thank "iMMENSE" for bringing this to our attention.

Patch File:
http://forums.invisionpower.com/index.php?act=attach&type=post&id=11699

Manual Patch Instructions (for power users):
http://forums.invisionpower.com/index.php?act=attach&type=post&id=11700

Mon, 11 Jun 2007 16:42:58 -0400
Post your comments about this story, and other news here.

Reply With Quote
Post New Thread  Reply
The Staff Lounge Navigation - TSL Community Forums Navigation - TSL Bulletin Board News
Thread Tools

Similar Threads
Thread Thread Starter Forum Replies Last Post
IP.Board 2.2.x and 2.3.x Security Patch IPB News Bulletin Board News 0 08-30-2008 02:00 AM
IP.Board 2.3.4 Security Enhancements and DST Bug Fix IPB News Bulletin Board News 0 03-14-2008 08:21 PM
IP.Board 2.3.4 Security Enhancements (02-20-08) IPB News Bulletin Board News 0 02-21-2008 07:30 PM
IP.Board Security Enhancements IPB News Bulletin Board News 0 10-01-2007 06:56 PM
IP.Board 2.0.0 to 2.1.7 Security Notice IPB News Bulletin Board News 0 11-02-2006 06:39 PM


Forum Directory - vBulletin News - vBulletin Resources - About vBulletin - Forum Development - Forum Articles - Sitemap
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34
Links of Interest
The Staff Lounge - Links of Interest
vB Styles
CinVin vBulletin Styles
vBSkinworks
.premodded
My vBulletin Blog
TalkCamp
Link2Share - Link Directory
Webmasters Domain
The Staff Lounge - Links of Interest
SysChat
Raw Sports Talk
The vBulletin Fans Network
Pay Per Click Forums
Domain Name Portal
vBSEO
Final Fantasy Forums