vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   News and Announcements (https://vborg.vbsupport.ru/forumdisplay.php?f=2)
-   -   PHP Vulnerabilities in <= 4.3.9 and <= 5.0.2 (https://vborg.vbsupport.ru/showthread.php?t=73247)

Erwin 12-23-2004 08:28 PM
PHP Vulnerabilities in <= 4.3.9 and <= 5.0.2
 
Refer:
http://www.vbulletin.com/forum/showthread.php?t=123531

Reposted here because members here are asking questions about it.

-------------------------------------------------------------------------

The list of vulnerabilities is found here:
http://www.hardened-php.net/advisories/012004.txt

You will notice that one specifically mentions vBulletin. Please note that this it NOT a vBulletin vulnerability. It is a vulnerability in one of the PHP functions that vBulletin uses. To fix this vulnerability, you must upgrade your PHP.

PHP versions 4.3.10 and 5.0.3 are not affected. You may download either from here. (Note: we still recommend the 4.3.x series for vBulletin.)

If you upgrade your PHP and start getting errors with vBulletin, ensure any PHP caching or accelerator programs (such as Turck MMCache or Zend Optimizer) are also upgraded to the latest version. There is a change in PHP that conflicts with older versions!

If your server runs the Zend Optimizer you also upgrade this when you upgrade to PHP 4.3.10.

If you see an error like this:

Warning: Constants may only evaluate to scalar values in /path/to/init.php on line 752

... this indicates that your version of the Zend Optimizer is too old for PHP 4.3.10.

You should upgrade your Zend Optimizer by downloading the latest version from Zend.com.


All times are GMT. The time now is 07:00 AM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01062 seconds
  • Memory Usage 1,710KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (1)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete