New development version fixes security issue
Yves (Administrator) #1
User title: UNB developer & webmaster
Member since Jan 2004 · 3864 posts · Location: Erlangen, Germany
Group memberships: Administrators, Members
Subject: New development version fixes security issue
I have received a report of a possible remote code exploit in UNB 1.6 Patch 1, and likely also in previous versions (not sure about 1.5.x). The attacker needs to have a board account, though, and register_globals must be on for the bug to be exploited. The only change needed to fix this bug is the following in unb_lib/abbc.conf.php, around line 635:

  ...
  // Smiley Definitions
  // Insert the following two lines:
  if (!preg_match('/^([A-Za-z0-9-_]+)$/', $ABBC['Config']['smileset']))
      $ABBC['Config']['smileset'] = '';

  if ($ABBC['Config']['smileset'])
  {
  ...

As soon as I find the time to finish work on version 1.6.2, there will be a "stable branch" version with all of those things fixed. But you can use the latest development version, too, as it is mainly the same as 1.6.1 Patch 1 and seems to run stably.

Go to the download page.
♪ ...nanananah, all in all we’re just brilliant thieves, nanananah... ♪♬
rgod (Guest) #2
Hi, rgod here. The 1.5 branch is also vulnerable; check for the design_path var in bb_lib/abbc.css.php, same issue.
Yves (Administrator) #3
Okay, for version 1.5.3-d (and possibly previous) I suggest the following patch, for bb_lib/abbc.css.php, around line 13:

  ...
  define('UNB_RUNNING', 1);

  // Insert the following line:
  $design_path = $abbc_cfg['smileset'] = '';

  require('abbc.cfg.php');
  ...

There will be no updated release for UNB 1.5, you'll have to apply that patch yourself or upgrade to 1.6. I guess most 1.5 installations now are heavily modified or their admins just don't care and thus won't read this anyway.

Btw, thanks for the report, rgod. But then not so thanks for the immediate publishing.
This post was edited on 2006-05-11, 17:31 by Yves.
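The two patches in posts #1 and #3 are the same defensive idea applied at two points: with register_globals on, a request parameter can pre-populate a variable that the code later uses as part of a file or directory name, so the value is either reset to a known value before the config file is included (1.5.x) or restricted to an allowlist of safe characters before use (1.6). The following stand-alone PHP script is an added example and is not part of this thread or of UNB's code; the function names, the sample inputs and the choice of `\A`/`\z` anchors (instead of `^`/`$`, which in PCRE also match before a trailing newline) are my own.

```php
<?php
declare(strict_types=1);

// Added example, not UNB code. Function names and sample values are made up.

// Allowlist check for a value that becomes part of a file or directory name.
// Returns '' (the same fallback the 1.6 patch uses) unless the value consists
// only of letters, digits, '-' and '_'. \A and \z are used instead of ^ and $
// because $ in PCRE also matches just before a trailing newline, so a value
// such as "default\n" would otherwise slip through.
function unb_clean_name($value): string
{
    if (!is_string($value)) {   // request parameters can also arrive as arrays
        return '';
    }
    return preg_match('/\A[A-Za-z0-9_-]+\z/', $value) === 1 ? $value : '';
}

// Counterpart of the 1.5.x patch: every variable the config file is expected
// to set gets a known value before the file is included, so a value that
// register_globals turned into a global cannot survive into the include.
function unb_reset_config_vars(array &$scope, array $names): void
{
    foreach ($names as $name) {
        $scope[$name] = '';
    }
}

function check(bool $ok, string $what): void
{
    if (!$ok) {
        fwrite(STDERR, "FAILED: $what\n");
        exit(1);
    }
}

// Constructed request values and the result the allowlist should give.
$samples = [
    ['default',      'default'],      // normal skin name passes unchanged
    ['Dark-Theme_2', 'Dark-Theme_2'],
    ['../../etc',    ''],             // path separators are rejected
    ["default\n",    ''],             // trailing newline is rejected
    ['http://x/y',   ''],             // URL-looking value is rejected
    ['',             ''],
];
foreach ($samples as [$in, $expected]) {
    check(unb_clean_name($in) === $expected, 'allowlist on ' . var_export($in, true));
}
check(unb_clean_name(['default']) === '', 'array input');

// Simulated register_globals state: the request already populated the
// variables before the config file is loaded.
$scope = ['design_path' => '../../tmp', 'smileset' => 'default'];
unb_reset_config_vars($scope, ['design_path', 'smileset']);
check($scope['design_path'] === '' && $scope['smileset'] === '', 'reset before include');

echo "all checks passed\n";
```

Run it with `php example.php`. In real code the reset has to happen before the `require`, exactly where post #3 places it, and only the value returned by the allowlist check may be used afterwards; both measures together cover the case where a later config file or include reads the variable without re-checking it.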
jabez #4
Member since Jul 2006 · 16 posts
Group memberships: Members
Is there some private email address that UNB security alerts can be mailed to without making them public on the board, please, Yves?
Yves (Administrator) #5
Yes, mine, see the contact page.
tuzhak #6
Member since Apr 2007 · 3 posts
Group memberships: Members
Thanks for the fix. I hope there's no security issue in the next editions of UNB.
Yves (Administrator) #7
Well, who does not hope that... :)
jense #8
Member since Nov 2006 · 327 posts · Location: Dortmund
Group memberships: Members
:shock: First, I did not recognize that this is an old thread... puh.  :-)
Alala, Alala, Gimme three wishes - CSS
This board is powered by the Unclassified NewsBoard software, 20120620-dev, © 2003-2011 by Yves Goergen