MyBB Community Forums
Discuss: MyBB PR2 Security Update [1/11/05] - Printable Version

+- MyBB Community Forums (https://community.mybb.com)
+-- Forum: Community Archive (https://community.mybb.com/forum-106.html)
+--- Forum: Archived Forums (https://community.mybb.com/forum-143.html)
+---- Forum: Miscellaneous Archive (https://community.mybb.com/forum-140.html)
+----- Forum: Old Announcements (https://community.mybb.com/forum-2.html)
+------ Forum: Announcements Discussion (https://community.mybb.com/forum-31.html)
+------ Thread: Discuss: MyBB PR2 Security Update [1/11/05] (/thread-4509.html)

Pages: 1 2 3 4 5


Discuss: MyBB PR2 Security Update [1/11/05] - Chris Boulton - 2005-11-01

Please discuss this thread here.


RE: Discuss: MyBB PR2 Security Update [1/11/05] - Chris W. B. - 2005-11-01

Thanks Updated Smile.


RE: Discuss: MyBB PR2 Security Update [1/11/05] - AppleJustworks - 2005-11-01

Yeah. great. I got hacked. Again. Thanks MyBB.
http://www.mymaf.com


RE: Discuss: MyBB PR2 Security Update [1/11/05] - slickdude - 2005-11-01

Chris is this why the RCTHQ went down?

What about all of my backups. If SQL was injected into them over a period of time, how do I find this and remove it.

I put months and as you know a whole night into getting this working.

Thanks.


RE: Discuss: MyBB PR2 Security Update [1/11/05] - AppleJustworks - 2005-11-01

well, regardless of the fact that our databases are still in tact, MyMAF is announcing its switch the Invision PowerBoard Forum Software.


Sorry guys, I just can't take downtime like this...(and bugs like the many I've reported.)


RE: Discuss: MyBB PR2 Security Update [1/11/05] - slickdude - 2005-11-01

Bummer, my backup and system won't even allow me in even after I restored the database. Not good!


RE: Discuss: MyBB PR2 Security Update [1/11/05] - Snake - 2005-11-01

I went to login but I got re-directed to the register page. Shy I just updated my forum.


RE: Discuss: MyBB PR2 Security Update [1/11/05] - Bill - 2005-11-01

Just to be sure, the files for download offered on the mainpage are already patched, right?


RE: Discuss: MyBB PR2 Security Update [1/11/05] - Michael S. - 2005-11-01

Yes, it is.
Chris Boulton Wrote:As of this post, the release on the MyBB website has also been updated.



RE: Discuss: MyBB PR2 Security Update [1/11/05] - Chris Boulton - 2005-11-01

Quote:Yeah. great. I got hacked. Again. Thanks MyBB.
It is impossible for us to identify every little insecurity in alot more than 10,000 lines of code. Even the audits we have in place may miss things at some stage.

Quote:well, regardless of the fact that our databases are still in tact, MyMAF is announcing its switch the Invision PowerBoard Forum Software.
If you feel you must do that, then that is up to you and i'm not going to try and change your mind.

If you want someone to blame, don't blame us, blame the people who create these "security adivsories" and also attach a perl based exploiter to attack forums. That isn't providing security information, that is plain outright expecting people to use these things against people and bring people's forums down.

Quote:(and bugs like the many I've reported.)
I'm happy to provide anyone with a copy of the latest code from subversion which fixes all of the reported and marked as fixed bugs. However due to the number of SQL changes for MySQL 5.0, I can't say that everything will work correctly. But the offer is, and always has been, on the table and all you have to do is ask.