Re: [Advisory] Invision Power Board <= 2.3.5 Multiple Vulnerabilities and Security Bypass

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: [Advisory] Invision Power Board <= 2.3.5 Multiple Vulnerabilities and Security Bypass
From: gmdarkfig@xxxxxxxxx
Date: 30 Aug 2008 08:36:01 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

Update: Versions 2.2.x are also affected to the SQL Injection issue. A patch is 
available from http://forums.invisionpower.com/index.php?showtopic=276512. They 
just corrected the SQL Injection vulnerability. All versions are still affected 
to the other issues.

Prev by Date: VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.
Next by Date: [SECURITY] [DSA-1597-2] New mt-daapd package fix regression
Previous by thread: [Advisory] Invision Power Board <= 2.3.5 Multiple Vulnerabilities and Security Bypass
Next by thread: [ MDVSA-2008:181 ] ipsec-tools
Index(es):
- Date
- Thread