Register Members List Search Today's Posts Mark Forums Read

Reply
 
Thread Tools
  #1  
Old 23 Feb 2012, 08:51
MrZeropage's Avatar
MrZeropage MrZeropage is offline
 
Join Date: Nov 2003
Real name: Marcel
ibProArcade v2.7.2+ coming

This version fixes the security-problem and will be released within the next 24 hours, after the staff here verified it is ok
__________________
Get the most installed modification for your vBulletin (more than 8400 installations and 144.000 downloads!):
ibProArcade 2.7.3+ download here | Click here to enter the ibProArcade-Support-Section
Reply With Quote
Comments
  #2  
Old 23 Feb 2012, 12:02
stangger5's Avatar
stangger5 stangger5 is offline
 
Join Date: Jan 2005
Thanks !!!
__________________
vb ibProArcade: Download Game, Game Challenge, Report Game, Daily Game Systems.
40,000+ Flash and HTML5 Games,, and more can be found at: next-level-arcade.com
Reply With Quote
  #3  
Old 23 Feb 2012, 12:32
Mark.B Mark.B is offline
 
Join Date: Feb 2004
Many thanks.

Could we also get the patch instructions so that those on older versions can patch up, like last time?
Reply With Quote
  #4  
Old 23 Feb 2012, 13:01
rpgamersnet's Avatar
rpgamersnet rpgamersnet is offline
 
Join Date: Jul 2004
Can you please provide a list of changes made with 2.7.2+ for those of us with heavily-customized arcades? I would like to just fix the security holes if possible Thanks for the quick response to the bugs too!
Reply With Quote
  #5  
Old 23 Feb 2012, 13:22
MentaL's Avatar
MentaL MentaL is offline
 
Join Date: Jan 2003
good stuff.
Reply With Quote
  #6  
Old 23 Feb 2012, 15:40
Alecsmith's Avatar
Alecsmith Alecsmith is offline
 
Join Date: Sep 2009
Real name: Nick
For now i disabled ibPro arcade i have tried to uninstall but seem to be not working anyways looking forward for new release ASAP
__________________

Reply With Quote
  #7  
Old 23 Feb 2012, 16:58
garyb12001 garyb12001 is offline
 
Join Date: Jun 2010
Great, thanks!
Reply With Quote
  #8  
Old 23 Feb 2012, 17:11
Schoelle Schoelle is offline
 
Join Date: Feb 2011
Thanks for the upcoming update.
Could you please explain what the exploit was and what could have happended to our boards?
Are passwords unsecure now or could some code be on our pages?
Please let us know what we can do to be sure that we are unaffected.

Thank you!
__________________
Attachements in private messages.
Vote here: http://tracker.vbulletin.com/browse/VBIV-5750
Reply With Quote
  #9  
Old 23 Feb 2012, 19:34
MentaL's Avatar
MentaL MentaL is offline
 
Join Date: Jan 2003
Originally Posted by Schoelle View Post
Thanks for the upcoming update.
Could you please explain what the exploit was and what could have happended to our boards?
Are passwords unsecure now or could some code be on our pages?
Please let us know what we can do to be sure that we are unaffected.

Thank you!
injection on arcade.php. Allowed a user to gain the MD5 and salt of any user it requested. best way to check if you are infected is to search for the following in your logs


Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

If you find injection then follow it up.
Reply With Quote
  #10  
Old 23 Feb 2012, 19:46
JacquiiDesigns's Avatar
JacquiiDesigns JacquiiDesigns is offline
 
Join Date: Dec 2008
Location: Tennessee
Real name: Jacquii Cooke
...And just when I'd upgraded to 2.7.1 LOL
Anyway - thanks for the quick response Zero = looking forward to install the new version

J.
__________________
Call For Submissions. Come share your poetry & writing at JPiC Forum.
JPiC Forum For Writers | Celebrating Diversity With The Typed Word
Reply With Quote
  #11  
Old 23 Feb 2012, 20:15
BirdOPrey5's Avatar
BirdOPrey5 BirdOPrey5 is offline
 
Join Date: Jun 2008
Real name: Joe D.
Originally Posted by MentaL View Post
injection on arcade.php. Allowed a user to gain the MD5 and salt of any user it requested. best way to check if you are infected is to search for the following in your logs


Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

If you find injection then follow it up.
For those not as tech minded it means a hacker could crack the password for any user on your site.

It would be a good idea to change the passwords of all admin accounts on your site if you had this mod installed.
__________________
-Joe (@BirdOPrey5) Former Moderator. Fighting for a free & independent vb.org.
BirdOPrey5.com - Exclusive VB Mods! (Formerly Qapla.com) | Joe's Ultimate Off Topic
Note - I do not read my PMs often, do not expect quick replies.
Reply With Quote
  #12  
Old 23 Feb 2012, 20:21
viper357's Avatar
viper357 viper357 is offline
 
Join Date: Dec 2006
Originally Posted by MentaL View Post
injection on arcade.php. Allowed a user to gain the MD5 and salt of any user it requested. best way to check if you are infected is to search for the following in your logs


Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

If you find injection then follow it up.
Sorry for the noob question but which logs must we look at and where do we find them? Thanks.
__________________
Marine Aquariums
Reply With Quote
  #13  
Old 23 Feb 2012, 20:47
MentaL's Avatar
MentaL MentaL is offline
 
Join Date: Jan 2003
Originally Posted by viper357 View Post
Sorry for the noob question but which logs must we look at and where do we find them? Thanks.
web server logs, cpanel users can find them in /home/username/logs
Reply With Quote
  #14  
Old 23 Feb 2012, 20:49
Schoelle Schoelle is offline
 
Join Date: Feb 2011
Thanks MentaL.
No entries in my logs.
__________________
Attachements in private messages.
Vote here: http://tracker.vbulletin.com/browse/VBIV-5750
Reply With Quote
  #15  
Old 24 Feb 2012, 17:06
garyb12001 garyb12001 is offline
 
Join Date: Jun 2010
Any updates as to when the new version might be released? Thanks!
Reply With Quote
Reply



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


New To Site? Need Help?

All times are GMT. The time now is 20:44.

Layout Options | Width: Wide Color: