Jump to content
InvisionCommunity.de - Der Deutsche Invision Community Support
Sign in to follow this  
Followers 0
IPBSupport News

[IPS] IP.Board 3.2.x, 3.3.x, and 3.4.x Critical Security Update

By IPBSupport News, in Neuigkeiten und Ankündigungen IPS

Recommended Posts

IPBSupport News    8

IPBSupport News
Posted

Security Update: 3rd May 2013

A critical security issue has been reported to us which may allow unauthorized access to an administrator account. We are releasing a security patch to address this issue. In the interest of allowing customers ample amount of time to apply the patch, we are not disclosing further details at this time.

Instructions

We are providing a patch for IP.Board versions 3.4, 3.3 and 3.2. If you are running a version less than 3.2 you should upgrade to get this and other security enhancements.

While IPS does not apply patches for you, patching is very easy:

  • Identify the version of IP.Board you are running.
  • Download and unzip the appropriate patch file below that matches your version.
  • Upload the contents of the extracted zip folder to your IP.Board home directory
  • If you have renamed your admin directory, then copy the files manually to the appropriate admin folder.

IP.Board 3.4.x
Attached File  3.4.zip   76.46K   1095 downloads

IP.Board 3.3.x
Attached File  3.3.zip   70.88K   257 downloads

IP.Board 3.2.x
Attached File  3.2.zip   64.78K   146 downloads



Important Notes:

  • When you apply the security update, the bulletin in your AdminCP will still display. We keep the bulletin in place for at least a week after a security release.
  • Our main software packages accessed via the client area have already been updated with this security update.
  • If you are an IPS Hosting client your community has been automatically patched. No further action is needed.
  • As this is not a full upgrade but a simple upload a file and you're done patch, IPS staff will not apply this patch as part of our support services.

We would like to thank security researcher John JEAN for his responsible disclosure of this issue to us. His information is as follows, and shared with permission:

  • Author: John JEAN
  • Twitter account: @johnjean
  • Occupation: Security researcher
  • Company: Wargan Solutions
  • Company's website: http://www.wargan.com


Quelle: http://community.invisionpower.com/topic/385207-ipboard-32x-33x-and-34x-critical-security-update/

Share this post

Link to post
Sign in to follow this  
Followers 0
Go To Topic Listing Neuigkeiten und Ankündigungen IPS
×