Quick Login   
 
Register AdminFusion Tutorials
 
Featured Sponsors


One.com Domain and Hosting


Register
Forum of the Month
Australian Webmaster
fotm

A webmaster forum specifically catering for Australian site owners. We discuss site development, marketing and management issues.

Tag Cloud
Latest Threads
Forum Stats
8,073 Members
165,866 Posts
47 Users Online

Please welcome our newest member, masood!

Affiliates
Go Back AdminFusion » Getting Started » Software » Other Software » [MyBB News] MyBB 1.2.6 Released - Security Update
Welcome to the AdminFusion. AdminFusion is the ultimate resource for forum administrators and moderators. With exclusive articles, interviews with the experts, free downloadable skins, and the revolutionary post exchange system - PostFusion, AdminFusion is the place to go for all of your forum needs.  By joining AdminFusion, you will become part of a thriving admin community and immediately gain access to all of these resources. Registration is fast, simple and absolutely free so please join us today!
Want more than our forums? Try these: Post Fusion Forum Matrix
Old 04-25-2007, 03:50 AM   #1

Title: Apprentice

Points: 4,964, Level: 20Points: 4,964, Level: 20Points: 4,964, Level: 20
Level up: 21%, 86 Points neededLevel up: 21%, 86 Points neededLevel up: 21%, 86 Points needed
Activity: 36%Activity: 36%Activity: 36%

Join Date: Sep 2005

Posts: 463

Industry News is on a distinguished road
 
 
Post [MyBB News] MyBB 1.2.6 Released - Security Update

MyBB 1.2.6 is a security update to the MyBB 1.2 series. It fixes a high risk vulnerability recently discovered and reported in MyBB. We recommend everybody upgrades to this release as soon as possible or patches their boards with the manual patching instructions below.

We recommend all users upgrade their copy of MyBB to the latest available release.

This vulnerability allows a hacker to use SQL in a certain part of the calendar to gain the login key and password hash to your forum.

Immediately we're releasing a new version of MyBB which patches this exploit (MyBB 1.2.6). MyBB 1.1.8 is also affected. (See below)

MyBB 1.2.6 fixes this security vulnerability and nothing more: We're not quite ready to release a bug fix update at this time.

MyBB 1.2.5 to MyBB 1.2.6
This patch is only for users running MyBB 1.2.5. If you are running any other version of the MyBB 1.2 series then please download MyBB 1.2.6 from the MyBB site and update to it.

Please download the attached ZIP archive of calendar.php and inc/class_core.php and replace the files in your forum directory with the versions from the ZIP archive.

If you wish to manually patch your board please download "mybb_125_sql_fix.txt" and follow the instructions in that file.

More...
Reply With Quote
Reply



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

 
Posting Rules

Similar Threads
Thread Thread Starter Forum Replies Last Post
[MyBB News] MyBB 1.2.5 Released - Security Update Industry News Other Software 1 04-17-2007 10:50 PM
[MyBB News] MyBB 1.2.4 Released - Important Security Update Industry News Other Software 2 04-04-2007 12:38 PM
MyBB 1.2.1 Released - Maintenance & Security Update Release Belloman Other Software 0 09-27-2006 11:52 PM
Chris B - MyBB Owner Ryan Interviews 9 08-23-2006 07:06 AM
MyBB RC4 Security Update [16/08/05] miner Software 0 08-25-2005 09:18 AM

AdminFusion

All times are GMT +1. The time now is 05:11 AM. Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.1.0 © 2005-2008 AdminFusion - All Rights Reserved


From:
Title:

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72