VinDSL
Life Cycles Becoming CPU Cycles
Joined: Jul 11, 2004
Posts: 614
Location: Arizona (USA) Admin: NukeCops.com Admin: Disipal Designs Admin: Lenon.com
|
Posted:
Wed Mar 08, 2006 3:12 am |
|
Here's a weird one for you: http://nvd.nist.gov/nvd.cfm
Just happened to run across it while I was searching for the latest PHP-Nuke vulns...
When did this start?
For example, type 'PHP-Nuke 6.0 Final' in the search box and see what comes up.
Interesting, yes? |
_________________ .:: "The further in you go, the bigger it gets!" ::.
.:: VinDSL's Lenon.com | The Disipal Site ::. |
|
|
|
montego
Site Admin
Joined: Aug 29, 2004
Posts: 9457
Location: Arizona
|
Posted:
Wed Mar 08, 2006 5:32 am |
|
|
|
|
evaders99
Former Moderator in Good Standing
Joined: Apr 30, 2004
Posts: 3221
|
Posted:
Wed Mar 08, 2006 9:12 am |
|
|
|
|
evaders99
|
Posted:
Wed Mar 08, 2006 10:44 am |
|
I went through all the latest reports. I'm surprised, one report even got linked back to NukeFixes.
Here's one fix - [ Only registered users can see links on this board! Get registered or login! ]
Others seem to be correct in the Patched, except for this one
[ Only registered users can see links on this board! Get registered or login! ]
It is flawed code from concept. I'm not sure exactly how to correct it - the CAPTCHA code is something I'm not too familiar with. How do other systems manage to maintain a randomization that is designed to be used once? |
|
|
|
|
VinDSL
|
Posted:
Wed Mar 08, 2006 5:13 pm |
|
evaders99 wrote: | Time to get cracking... |
LoL! And, Raven says my puns are getting bad... |
|
|
|
|
VinDSL
|
Posted:
Wed Mar 08, 2006 5:25 pm |
|
Hrm...
I wonder if cowboy knows about this one:
[ Only registered users can see links on this board! Get registered or login! ]
I don't see a link to his site in the summary...
[edit] Never mind! I see it's been patched in CVS. [/edit] |
|
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 17088
|
Posted:
Wed Mar 08, 2006 5:53 pm |
|
evaders99 wrote: | I went through all the latest reports. I'm surprised, one report even got linked back to NukeFixes.
Here's one fix - [ Only registered users can see links on this board! Get registered or login! ]
Others seem to be correct in the Patched, except for this one
[ Only registered users can see links on this board! Get registered or login! ]
It is flawed code from concept. I'm not sure exactly how to correct it - the CAPTCHA code is something I'm not too familiar with. How do other systems manage to maintain a randomization that is designed to be used once? |
Nuke doesn't really use a captcha. That would be FAR beyond FB's ability and he just hasn't found one to steal yet. You are correct in the fact that it is a foundational flaw and the only way to correct it is to reconstruct. |
|
|
|
|
evaders99
|
Posted:
Wed Mar 08, 2006 10:15 pm |
|
Aye.. time to steal from phpBB? |
|
|
|
|
guidyy
Worker
Joined: Nov 22, 2004
Posts: 208
Location: Italy
|
Posted:
Wed Mar 08, 2006 11:32 pm |
|
Not to be the devil's advocate, but, about security, phpBB coding ain't this great.....
guido |
|
|
|
|
|