Full Disclosure mailing list archives
phpbb 2.0.15 released - patches high critical vuln
From: Paul Laudanski <zx () castlecops com>
Date: Sun, 8 May 2005 00:03:59 -0400 (EDT)
I don't normally send an email about updated packages, but this one fixes a potentially serious issue. re: http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=288194 A high risk bbcode.php vulnerability is patched with this version, at the very least please patch it via the link above. It was discovered by Papados and patched by myself. In agreement with phpbb.com, we'll (CastleCops) release the full details in five days. A CVE has been obtained. Alt Src: http://isc.sans.org/diary.php?date=2005-05-07 -- Sincerely, Paul Laudanski .. Computer Cops, LLC. Microsoft MVP Windows-Security 2005 CastleCops(SM)... http://castlecops.com MVP Blog http://msmvps.com/castlecops CCW Wiki http://wiki.castlecops.com BHO/TB CLSIDs: http://castlecops.com/CLSID.html LSPs: http://castlecops.com/LSPs.html O23s: http://castlecops.com/O23.html O9s: http://castlecops.com/O9.html StartupList: http://castlecops.com/StartupList.html ________ Information from Computer Cops, L.L.C. ________ This message was checked by NOD32 Antivirus System for Linux Mail Server. part000.txt - is OK http://castlecops.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- phpbb 2.0.15 released - patches high critical vuln Paul Laudanski (May 07)
- Re: phpbb 2.0.15 released - patches high critical vuln Paul Laudanski (May 12)