XMB Forum Software
Not logged in [Login - Register]
Search the forums Search   Frequently Asked Questions FAQ   View member list Member List   Today's Posts Today's Posts   Forum Stats Stats   Board Rules Board Rules  Download Download   SVN SVN   Bugs Bugs   Docs Docs  Back to: XMB Forum Home Page
XMB Forum Software » Support » Fixes / Patches » [Security] New Token System Go To Bottom

Printable Version  
Author: Subject: [Security] New Token System
miqrogroove
XMB 1.9.12 Lead Developer
*********

Avatar


Posts: 463
Registered: 10-1-2002
Location: Florida
Member Is Offline

Mood: Past Three O'Clock

[*] posted on 2-6-2011 at 09:37 PM
[Security] New Token System

Issue #434

Bug Source: XMB, all versions

Symptoms: None.

Security Impact: Medium

Discussion: Administrators could be tricked by third parties or spammers into running commands that are not confirmed by XMB. However, attackers would not be able to run such commands alone. This patch adds internal confirmation of all security-sensitive commands so that XMB will block unexpected activity.

Fixed By: XMB-1.9.11.12.zip and later are not affected.

Patch: Attachment: XMB-1.9.11-new-token-system.patch.txt (44kB)
This file has been downloaded 582 times
View user's profile Visit user's homepage View All Posts By User
miqrogroove
XMB 1.9.12 Lead Developer
*********

Avatar


Posts: 463
Registered: 10-1-2002
Location: Florida
Member Is Offline

Mood: Past Three O'Clock

[*] posted on 3-26-2011 at 05:40 PM
Patch Update

A file was missed in the first patch, so a second patch is needed now:

Attachment: XMB-1.9.11-r2540.diff (921B)
This file has been downloaded 410 times
View user's profile Visit user's homepage View All Posts By User

 XMB Forum Software » Support » Fixes / Patches » [Security] New Token System   Go To Top

Powered by XMB 1.9.12 (Debug Mode)
XMB Forum Software © 2001-2024 The XMB Group
[Queries: 16] [PHP: 13.5% - SQL: 86.5%]