Author Topic: Security Vulnerabilities in WB <= 2.6.3 sites that support public login, reg.  (Read 9031 times)

Offline Ryan

  • Posts: 2048
  • Gender: Male
    • My Homepage
Hi all,

Unfortunetely we have had a ticket recently regarding possible security vulnerabilities in all current versions of WebsiteBaker (i.e. 2.6.3 or earlier).
After looking at the ticket, and other area's of code more closely, our development team have found several possible flaws that can be exploited.

Thankfully, as I believe, the problems can only be exploited if the frontend login and/or registration is enabled, hopefully making it an isolated case.
At this current time, we haven't fully patched and tested our code.
However, we are working on it and will have an official release (and patch) available with the fixes ASAP.
Another possible (but not yet verified) flaw is with the guestbook module, or any other publicly accessable module that doesn't properly clean users input.

For now, if you are wanting to best protect yourself (mainly for those sites with public login/registration enabled), you can do the following:
- Disabled public login and registration until fixes are made
AND/OR
- Attempt to upgrade to the latest subversion trunk (recommended for advanced users only)

If you would like to export from trunk, please use http://svn.WebsiteBaker.org/websitebaker2/
Thankfully, we recently had anonymous access fixed, so you should easily be able to checkout.

The development team will be sure to keep everyone posted - with the latest important developments to be placed here for your convenience.

If you would like to discuss this post, please do so here (to avoid cluttering/crowding the thread from important announcements).

Apologies for any inconvenience caused.

Regards,


Ryan Djurovich
« Last Edit: May 16, 2006, 03:23:12 PM by Ryan »
Website Baker Project Founder
https://WebsiteBaker.org

To contact me via email, visit:
www.ryandjurovich.c om

Stefan

  • Guest
You can download a patched version of signup2.php from my server:
http://stefan-braunewell.de/wb/download/signup2.php.zip
I strongly advise to do so immediately and replace the file in the directory account by the php file inside the archive.

Offline Ryan

  • Posts: 2048
  • Gender: Male
    • My Homepage
Here is a direct link to the latest version of signup2.php from the subversion repository:
http://projects.WebsiteBaker.org/websitebaker2/browser/trunk/wb/account/signup2.php?format=raw
Website Baker Project Founder
https://WebsiteBaker.org

To contact me via email, visit:
www.ryandjurovich.c om

Offline Ryan

  • Posts: 2048
  • Gender: Male
    • My Homepage
We have finished fixing all possible (known) problems, and the fixes have been included in 2.6.4
I strongly advise updating to it ASAP (a smaller patch-only download will be available in the next few days, so if you can't download the whole file, then please be patient).
Hopefully this will put an end to the security holes discovered recently.
Website Baker Project Founder
https://WebsiteBaker.org

To contact me via email, visit:
www.ryandjurovich.c om

 

postern-length