Web Hosting Forum | Lunarpages
News: July 14, 2008 - New Contest! - Submit Your WordPress Theme Designs, Win BIG!
June 30, 2008 - Submit Your Site for the July 08 Site of the Month Award!
 
Home Help Search Calendar Login Register
*
Welcome, Guest. Please login or register.
Did you miss your activation email? 		July 26, 2008, 12:48:57 AM


Login with username, password and session length


Web Hosting Forum | Lunarpages > Lunarpages Web Hosting - Information & Opportunities > Lunarpages Web Hosting - Network Information > Exploitable Scripts
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Exploitable Scripts  (Read 1775 times)
Admin
Über Jedi
*****
Offline Offline

Posts: 2553


WWW
« on: March 09, 2005, 10:29:16 AM »
The following is being sent to customers:

Hello,

This is an attempt to notify our customers of exploits occurring on installed scripts.  It is very important that customers who use third party scripts ensure they are using the most secure version in order to protect the integrity of their account.  We highly encourage customers to check their scripts to be sure they are running the most secure versions.

- The Advanced guestbook within CPanel has an exploit.  It is currently being removed as an option in CPanel since there is no secure version available at this time.  Customers using this should remove it from their site immediately.  We will reinstate this option as soon as a stable version is released.  The developers have been contacted regarding this issue.

- The popular forum script, phpBB, has several exploits.  Customers should upgrade to the most secure version which is phpBB 2.0.13.  You can do this by going to http://www.phpbb.com/downloads.php.  The Fantastico version will be updated in CPanel as soon as this is available to us.  For more information on the exploits that are occurring on prior versions, please see the following links:

phpBB v2.0.11 http://seclists.org/lists/bugtraq/2005/Mar/0104.html

phpBB v 2.0.12 http://seclists.org/lists/bugtraq/2005/Mar/0045.html

-Moveable Type has exploits in all versions prior to 3.15.  Please ensure you have upgraded to version 3.15 if using this script.  For more information on the upgrade, please go here:  http://www.sixapart.com/movabletype/news/2005/01/movable_type_315_release.html

-phpCoin will be removed from Fantastico scripts today due to an exploit.  Fantastico does not plan on continuing support of this feature.  For more information on this, see http://secunia.com/advisories/14439/

Please take some time to check to see if you are using any of the listed scripts.  If you are, please remove or upgrade as appropriate.  If you do not use any of the scripts noted, you do not have to take any action on your account.  Thank you for your cooperation and for ensuring we have a stable environment.  If you have any questions regarding this, please contact support@lunarpages.com.

Thank you,
Lunarpages Support
Logged
Lunarpages Web Hosting

Lunarpages Forums

Lunarpages Affiliate Program
Admin
Über Jedi
*****
Offline Offline

Posts: 2553


WWW
« Reply #1 on: March 18, 2005, 02:14:50 PM »
Hello,

This is an attempt to notify our customers of exploits occurring on installed scripts. It is very important that customers who use third party scripts ensure they are using the most secure version in order to protect the integrity of their account. We highly encourage customers to check their scripts to be sure they are running the most secure versions.

- The popular forum script, vbulletin, has several exploits. Customers should upgrade to the most secure version.  All versions of vBulletin prior to 3.0.6 and 2.3.6 are vulnerable. For more information on the exploits that are occurring on prior versions, please see the following:

http://www.vbulletin.com/forum/showthread.php?t=127027

Please take some time to check to see if you are using this script. If you are, please remove the script or upgrade it. If you do not use this script, you do not have to take any action on your account. Thank you for your cooperation and for ensuring we have a stable environment. If you have any questions regarding this, please contact support@lunarpages.com.

Thank you,
Lunarpages Support
Logged
Lunarpages Web Hosting

Lunarpages Forums

Lunarpages Affiliate Program
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.3 | SMF © 2006-2007, Simple Machines LLC
Seo4Smf v0.2 © Webmaster's Talks

Valid XHTML 1.0! Valid CSS! Dilber MC Theme by HarzeM