BLOGGED
§ Recent Comments
- G.I. JOE: good one
- Connie: Wow, this is so cool!!!
- Cessy: Suharto... Grrrr.
- Cessy: Suharto! Grrrr.
- alfonso velázquez: sí señor, buena prosa, fúmate
§ Recent Posts
- medieval project
- Hell Week Part 2
- World's Ten Most Corrupt Leaders*
- Windows XP activation
- Chinese Watermelon art
§ Stalkers
Community announcements and web resources now at the web portal. Visit the Protagonist' Affordable and Reliable WebHosting Plans for your webhosting needs.
Wednesday, September 01, 2004
some hacker
If you own an Invision Power board and so your boards don’t get hacked (like what happened to Protagonist Forums) … read on
here have been a number of conflicting reports on so-called ’security’ websites which state that IPB 1.3.1 is vulnerable to attack via ssi.php.
The report states that it is possible to execute remote SQL commands by tampering with the ‘f’ input attribute. This was a bug which was fixed back in February of this year and the fix was added to the IPB 1.3.1 release (as well as the main 1.3 release immediately).
This topic serves to clear up any confusion about this vulnerability. If you’re running a fresh installation of IPB 1.3.1 then you are totally protected. If you downloaded the updated ssi.php in February then you are totally protected. If you are unsure then visit the link below for the original topic and updated ssi.php file.
Download the patch
doodled by lauryn 
@ 01:45 pm 
Comments »
The URI to TrackBack this entry is: http://blogged.the-protagonist.net/wp-trackback.php/2511
No comments yet.
RSS feed for comments on this post.
Leave a comment
Line and paragraph breaks automatic, e-mail address never displayed, HTML allowed: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>
