SMF 1.1.9 and 2.0 RC1-1 released - SECURITY

Started by Informatics, May 22, 2009, 09:55:18 PM


Informatics

In light of how often SMF-based forum sites have been hacked or attacked lately... update/upgrade right away.

Security issue info:
Simple Machines Forum "packages.xml" Cross-Site Scripting
Quote
Description:
Xianur0 has discovered a vulnerability in Simple Machines Forum, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input read from the "text" and "description" elements in a "packages.xml" file (e.g. when "action" is set to "packageget", "sa" is set to "browse", and "absolute" is set to the web address serving the malicious "packages.xml" file) is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in an administrative user's browser session in the context of an affected site.

This vulnerability is confirmed in version 1.1.7 and 1.1.8. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
Xianur0

Changelog:
2009-02-05: Updated "Description" section with additional version information.

http://secunia.com/advisories/33670/

[NOTICE] How to secure your site against recent attacks

http://www.simplemachines.org/community/index.php?topic=309717.0

SMF 1.1.9 and 2.0 RC1-1 released (update info and patch)

http://www.simplemachines.org/community/index.php?topic=311899.0

1.1.8/2.0 RC1 Exploit Utility - kb_scan.php

http://www.simplemachines.org/community/index.php?topic=313201.0

Quote
Infection method:

  • A member avatar that is very small (1x1 pixel), white, with a .jpg extension
  • Spam links in the theme, which you can find by opening its source code in the browser
  • An extra theme gets added to your database, usually with ID=32


Unexpected T_ELSE error in 2.0 RC1-1 on Registration (or no Visual Verification)

http://www.simplemachines.org/community/index.php?topic=312955.0



You can catch me @ Forum Informatika a.k.a Indonesian Informatics Online Community @ http://if.web.id




Mods:
1. LinkTree v.1.1.0 [Topic  || Download]
2. Header Rotator v.1.1.0 for 1.1.x | v.2.1 for 2.0 [Topic || Download]
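An added example (my own code, not SMF's or the advisory's) of the fix the advisory calls for: entries read from a fetched packages.xml are escaped at the HTML sink before an admin's browser sees them. The element names (package, name, text, description) are assumed from the advisory's wording, and the XML sample is constructed.

```php
<?php
// Added example, not SMF's or Secunia's code. Element names are assumed
// from the advisory; the XML is constructed to carry HTML in "text".
$sampleXml = <<<'XML'
<?xml version="1.0" encoding="UTF-8"?>
<package-list>
  <package>
    <name>Example Mod</name>
    <text>Example Mod &lt;script&gt;alert(1)&lt;/script&gt;</text>
    <description>Adds &quot;things&quot; &amp; stuff</description>
  </package>
</package-list>
XML;

/** Parse a remote package list into plain strings (decoded text, not HTML). */
function parsePackageList(string $xml): array
{
    libxml_use_internal_errors(true);
    // LIBXML_NONET: never fetch network resources while parsing untrusted XML.
    $doc = simplexml_load_string($xml, 'SimpleXMLElement', LIBXML_NONET);
    if ($doc === false) {
        return [];
    }
    $entries = [];
    foreach ($doc->package as $pkg) {
        $entries[] = [
            'name'        => (string) $pkg->name,
            'text'        => (string) $pkg->text,
            'description' => (string) $pkg->description,
        ];
    }
    return $entries;
}

/** The pattern the advisory describes: decoded text dropped straight into HTML. */
function renderUnsafe(array $entry): string
{
    return '<li>' . $entry['text'] . ' - ' . $entry['description'] . '</li>';
}

/** Hardened: escape at the sink, covering both quote styles and the charset. */
function renderSafe(array $entry): string
{
    $esc = static fn(string $s): string => htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '<li>' . $esc($entry['text']) . ' - ' . $esc($entry['description']) . '</li>';
}
foreach (parsePackageList($sampleXml) as $entry) {
    echo renderUnsafe($entry), PHP_EOL; // a live <script> tag reaches the browser
    echo renderSafe($entry), PHP_EOL;   // only &lt;script&gt; text is emitted
}
```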

haito

www.japanesia.co.id | News & Community Portal for Those Who Like Japan

Karuhun

Actually, sa can still be layered with a .htaccess rule; that applies to all versions.

tooman

wow, that's dangerous too, especially since htaccess doesn't work either :(

petrus2

Oops... all done!!..
nice :D
A Community for Building Togetherness: Forum Iseng-Iseng

bentonamaku

http://www.cangkir.com - 1st East Java Automotive Forum


indonesia

after upgrading from 1.1.8 to 1.1.9 I'm getting an error instead, bro (blank page)

what now?
WarnetForum.com using SMF since 2007

Informatics

Which part? Usually the error is displayed.

If needed, just upgrade manually.

http://www.simplemachines.org/community/index.php?topic=260745.0

If the error is:

Quote
The upgrader found some old or outdated language files.

Please make certain you uploaded the new versions of all the files included in the package, even the theme and language files for the default theme.

Solution:

The file upgrade.php has this code:

if (empty($match[1]) || $match[1] != SMF_LANG_VERSION)

change it to

if( 0 ) // if (empty($match[1]) || $match[1] != SMF_LANG_VERSION)



indonesia

the upgrade succeeded

the problem now is the forum is blank
can't get in anywhere


I've already tried resetting to theme=1 from the database

same result


indonesia

Hey.. turns out it's only warnetforum.com/index.php that can't be accessed / is blank, bro...
from index.php?action=login or action=forum it works

weird

warnetforum.com/index.html is a maintenance page I made on purpose because of yesterday's error

indonesia

It works now, bro

turns out the problem was in the PrettyURLs plugin :D

here's the error log

there were a lot, it turns out, after I enabled it (it's usually disabled)


http://www.warnetforum.com/index.php?PHPSESSID=c1b91f7c79a54a6b2019df55e1f1c32c
Database Error: Duplicate entry 'assalamualaikum' for key 'pretty_url'
File: /home/warnetku/public_html/Sources/PrettyUrls-Filters.php
Line: 274


after I disabled the mod, it worked again...

and that mod does have a newer version; maybe it fixes this problem...

brb.. got to work overtime first

indonesia

hey.. after I renamed the title of one post titled "assalamualaikum"... and re-enabled the mod

it works now

hehe...


Informatics

Quote from: dkillers on May 30, 2009, 01:59:22 PM
hey.. after I renamed the title of one post titled "assalamualaikum"... and re-enabled the mod

it works now

hehe...



alhamdulillah... glad to hear the upgrade succeeded.



Neng

aahh I got hit too ... but this one was an exploit from that damn nakulpi.net

frame injection :'(

not on 2rc1-1; I got suspicious when I was at an internet cafe and saw my browser's status bar requesting lots of sites and the layout changed, the font got big, then when I accessed it at home, my Avast immediately popped up telling me the site I was accessing (my forum) .. contained a virus/malware O:)

about the frame I mean, just search google for: nakulpi.net

trasher.info

someone knows my SMF site's database info.
how did that person find out?
please guide me... so my SMF site stays safe and under control.
