Web Hosting Forum | Lunarpages
News: October 6, 2008 - Submit Your Site for the October 2008 Site of the Month!
 
Home Help Search Calendar Login Register
*
Welcome, Guest. Please login or register.
Did you miss your activation email? 		October 13, 2008, 12:00:52 AM


Login with username, password and session length


Web Hosting Forum | Lunarpages > Lunarpages Web Hosting - Information & Opportunities > Lunarpages Web Hosting - Announcements > Latest server scans for outdated scripts.
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Latest server scans for outdated scripts.  (Read 15704 times)
StephanieŽ
Administrator
Master Jedi
*****
Offline Offline

Posts: 1087
« on: April 17, 2008, 03:11:52 AM »
Hi,

We will be scanning our servers for the following installations and advising customers to check for regular updates:

Joomla Image Browser 0.1.5
Advisory
http://www.securityfocus.com/bid/31458
Patch info
An update is now available from the vendor

Invision Power Board <= 2.3.5
Advisory
http://www.securityfocus.com/archive/1/495841
Vendor
http://invisionpower.com
Patch info
http://forums.invisionpower.com/index.php?showtopic=276512
4images gallery all versions lower than 1.7.3 (1.7.6 is the latest)

Advisory
http://secunia.com/advisories/22349/

Vendor
http://www.4homepages.de/4images/download.php

Postnuke all versions lower than 0.7.6.4

Vendor
http://community.postnuke.com/index.php?name=News&file=article&sid=2787

Advisory
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1591
http://secunia.com/advisories/22983/
http://secunia.com/advisories/23849/ less critical, no update for this as of yet.


Joomla all versions lower than DEV_LEVEL 15 (1.0.1.5)

Vendor
http://joomlacode.org/gf/project/joomla/frs/?action=FrsReleaseView&release_id=6828

Advisory
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1733
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1559
http://www.securityfocus.com/bid/28900/info

mambo all versions lower than 4.6.3

Vendor
http://sourceforge.net/projects/mambo/

Advisory
http://secunia.com/advisories/28670/


wordpress all versions lower than 2.5

Vendor
http://wordpress.org/download/

Advisory
http://www.securityfocus.com/bid/28935
http://secunia.com/advisories/28823/
http://xiam.menteslibres.org/pages/advisories/wordpress-2-5-salt-cracking-vulnerability
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1646
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1304

vBulletin
Vendor
http://www.vbulletin.com/

Vulnerable Packages
vBulletin 3.7.2 Patch Level 1.
vBulletin 3.6.10 Patch Level 3.
Older versions are probably affected too, but they were not checked.

Advisory
http://www.securityfocus.com/archive/107/308433

updates and patch info
http://www.vbulletin.com/forum/showthread.php?t=282133

You may already have patched your scripts or updated to a non vulnerable version, the scanner will pick out everything less than the latest up to date version and may also pick up current versions in the case where a patch may be required.
I apologize in advance if you receive an erroneous email and thank you for taking care of your account and ensuring your scripts are up to date.

The initial scans will email an advisory notice only, please understand that these measures are for the security of your account and server helping to prevent unwanted file inclusions and hacks, whilst ensuring the stability of all accounts.


Thank you in advance for your patience and understanding.
« Last Edit: October 07, 2008, 07:13:42 AM by StephanieŽ » Logged

Lunarpages Web Hosting

$700 Free CoffeeCup Software
Lunarpages Blog
Lunarpages Forums
Lunarpages Affiliate Program
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.6 | SMF © 2006-2008, Simple Machines LLC

Valid XHTML 1.0! Valid CSS! Dilber MC Theme by HarzeM