TUCoPS :: Web BBS :: Frequently Exploited :: hack1212.htm

phpBB EXEC exploit - new release
EXEC exploit in phpBB - new release 

With reference to the exec exploit in phpBB. A new release, phpBB 2.0.11 is
now available (in all usual forms) from our site, www.phpbb.com. For those
users not wishing to upgrade we strongly urge (again) you at least implement
the fix posted previously to bugtraq (see
http://www.phpbb.com/phpBB/viewtopic.php?t=240513). 

Again, may I urge all those who discover exploits in any application, inform
the authors first. If you (and indeed the authors) find no way to take
advantage of the exploit, and subsequently do discover a method, again
inform the authors. At www.phpbb.com we maintain a security tracker 
(www.phpbb.com/security/) which gives both private (for as yet undisclosed
issues) and public (for fixed or invalid issues) access to note issues with
our software. Please use it!

psoTFX, phpbb.com

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH