FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » FUDforum Development » Bug Reports » FUDforum Security Vulnerability Notification
Show: Today's Messages :: Unread Messages :: Show Polls :: Message Navigator
| Subscribe to topic | Bookmark topic 
Switch to threaded view of this topic Create a new topic Submit Reply
FUDforum Security Vulnerability Notification [message #168196] Thu, 28 February 2013 15:32 Go to next message
htbridge is currently offline  htbridge
Messages: 1
Registered: February 2013
Karma: 0
Junior Member
add to buddy list
ignore all messages by this user
Hello,

High-Tech Bridge Security Research Lab has discovered a security vulnerability in FUDforum 3.0.4

Preview available here: www.htbridge.com/advisory/HTB23146

Developers can contact us by email for details: advisory (at) htbridge.com

For any questions related to this notification message - please visit our General Information & Disclosure Policy page: www.htbridge.com/advisory/disclosure_policy.html

Best regards,
High-Tech Bridge Security Research Lab
Re: FUDforum Security Vulnerability Notification [message #168207 is a reply to message #168196] Sun, 03 March 2013 14:25 Go to previous message
naudefj is currently offline  naudefj   
Messages: 3624
Registered: December 2004
Karma: 17
Senior Member
Administrator
Core Developer
remove from buddy list
ignore all messages by this user
Patch is available at http://fudforum.svn.sourceforge.net/viewvc/fudforum/trunk/install/www_root/ adm/admreplace.php?r1=4981&r2=5593

Users should not be overly concerned as this exploit requires administrator access to the forum.

Best regards.
Frank
Quick Reply
Formatting Tools:   
  Switch to threaded view of this topic Create a new topic
Previous Topic: home and banner are opening in new window when clicked
Next Topic: NNTP Subject Encoding Bug
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Thu Oct 19 14:32:30 EDT 2017

Total time taken to generate the page: 0.00645 seconds