4images Forum & Community
4images Issues / Ausgaben => Discussion & Troubleshooting => Topic started by: djith on March 15, 2007, 06:22:22 PM
-
I received this e-mail from lunarpages, my host, and it says that i need to update from 4images 1.7.1 to 1.7.4 urgently due vulnerable script!
Dear Customer,
Our server scanner has detected a vulnerable script on your account
which may require updating.
Please see http://www.lunarforums.com/forum/index.php?topic=39202.0 for
further information, this notice is for information only.
If the script is not updated within the next 48 hours a subsequent scan
will disable it as insecure scripts can lead to compromised accounts.
Thank you in advance for your patience and understanding with regards
to this.
The following are the scripts:
Script: /home/*****/*****l/config.php
Description: Vulnerable 4images gallery (update to 1.7.4 required)
If you require any further information or help with regards to this,
please contact support.
Kind Regards,
Lunarpages Support
_________________________________________________________________
So do i only need to update the config.php ?
I've seen there is no config.php in 1.7.4
What to do now? how to solve and fix this?
would be glad for any advice,
Mathew
-
try....http://www.4homepages.de/forum/index.php?topic=15187.0
if you have mods you can use something like winmerge
-
Hello;
the explanation is here: http://secunia.com/advisories/22349/ (http://secunia.com/advisories/22349/)
You run the version 1.7.1.
Upgrade to 1.7.4 or apply this patch: [1.7 - 1.7.3] Security fix for SQL injection in global.php (http://www.4homepages.de/forum/index.php?topic=14604.0)