Author Topic: Security Vulnerabilities in WB <= 2.6.3 sites that support public login, reg.  (Read 21264 times)

Offline Ryan

Security Vulnerabilities in WB <= 2.6.3 sites that support public login, reg.
« on: May 16, 2006, 03:21:17 PM »
Hi all,

Unfortunately we have had a ticket recently regarding possible security vulnerabilities in all current versions of WebsiteBaker (i.e. 2.6.3 or earlier).
After looking at the ticket, and other areas of code more closely, our development team have found several possible flaws that can be exploited.

Thankfully, as I believe, the problems can only be exploited if the frontend login and/or registration is enabled, hopefully making it an isolated case.
At this current time, we haven't fully patched and tested our code.
However, we are working on it and will have an official release (and patch) available with the fixes ASAP.
Another possible (but not yet verified) flaw is with the guestbook module, or any other publicly accessible module that doesn't properly clean users' input.

For now, if you are wanting to best protect yourself (mainly for those sites with public login/registration enabled), you can do the following:
- Disable public login and registration until fixes are made
AND/OR
- Attempt to upgrade to the latest subversion trunk (recommended for advanced users only)

If you would like to export from trunk, please use http://svn.WebsiteBaker.org/websitebaker2/
Thankfully, we recently had anonymous access fixed, so you should easily be able to checkout.

The development team will be sure to keep everyone posted - with the latest important developments to be placed here for your convenience.

If you would like to discuss this post, please do so here (to avoid cluttering/crowding the thread from important announcements).

Apologies for any inconvenience caused.

Regards,


Ryan Djurovich
« Last Edit: May 16, 2006, 03:23:12 PM by Ryan »
Website Baker Project Founder
https://WebsiteBaker.org

To contact me via email, visit:
www.ryandjurovich.c om

Stefan

  • Guest
Re: Security Vulnerabilities in WB <= 2.6.3 sites that support public login, reg
« Reply #1 on: May 16, 2006, 05:01:10 PM »
You can download a patched version of signup2.php from my server:
http://stefan-braunewell.de/wb/download/signup2.php.zip
I strongly advise doing so immediately and replacing the file in the directory account with the PHP file inside the archive.

Offline Ryan

Re: Security Vulnerabilities in WB <= 2.6.3 sites that support public login, reg
« Reply #2 on: May 17, 2006, 12:12:10 AM »
Here is a direct link to the latest version of signup2.php from the subversion repository:
http://projects.WebsiteBaker.org/websitebaker2/browser/trunk/wb/account/signup2.php?format=raw

Offline Ryan

Re: Security Vulnerabilities in WB <= 2.6.3 sites that support public login, reg
« Reply #3 on: May 21, 2006, 01:53:09 PM »
We have finished fixing all possible (known) problems, and the fixes have been included in 2.6.4.
I strongly advise updating to it ASAP (a smaller patch-only download will be available in the next few days, so if you can't download the whole file, then please be patient).
Hopefully this will put an end to the security holes discovered recently.