PHP version 4.3.9 is vulnerable to meta character attacks. The bug could enable an attacker to read arbitrary files from the filesystem of a webserver that hosts PHP scripts.

In addition PHP versions 4.3.6 until 4.3.9 as well as PHP versions 5.0.0 until 5.0.2 contain a bug that enables an attacker to manipulate the file name of uploaded files to perform directory traversal.

While both vulnerabilities exist in windows and unix platform versions of PHP, they can only be successfully exploited on windows systems.

For more information on these vulnerabilities, see the SecurityFocus page.

You should update your version of PHP quickly!

chatserv writes:  

The newest version of PHP-Nuke Patched has been released, basic changes from the previous version are described here, plus BBtoNuke 2.0.11 has been added to them, currently the patches for Nuke 6.0 and 6.5 are still pending upgrade but will be out ASAP.

This most likely marks the last time patches for Nuke 6.x will be released, eleven patches are simply too much to work on, unless i can come up with a changed files only patch for them which is possible.

As usual the download links are available in a top center block of this website.

Mesum writes:  

That's right, there is no special note in Read Me file or anything for users who change their admin.php to make the changes in robots.txt.

You know what that means right?

This alert is for 7.6 so far.

Nuke Gangsta

Version updated to cover file access security added for all admin files and a few minor bug fixes, with 2.7 i have released a patch for PHP-Nuke 7.6.

To clarify a doubt some users have expressed in the past, these patches are not meant to be used for upgrading your current PHP-Nuke version as not all files are included, you should download the patch for your version of Nuke only.

Download links available in one of the top center blocks of this website.

64BitGuy posted about this in the forums, but we need to have this here too.

It has been brought to our attention that the highlighting exploit can be taken advantage of, and it a serious way. We are hastily preparing a new release. However that release contains a number of other fixes and additions and thus we carrying out some internal testing to limit the chances of other issues arising.

In the mean time we strongly, and I mean strongly! urge all our users to make the following change to viewtopic.php as a matter of urgency.

Open viewtopic.php in any text editor. Find the following section of code:

//
// Was a highlight request part of the URI?
//
$highlight_match = $highlight = '';
if (isset($HTTP_GET_VARS['highlight']))
{
// Split words and phrases
$words = explode(' ', trim(htmlspecialchars(urldecode($HTTP_GET_VARS['highlight']))));

for($i = 0; $i < sizeof($words); $i++)
{


and replace with:

//
// Was a highlight request part of the URI?
//
$highlight_match = $highlight = '';
if (isset($HTTP_GET_VARS['highlight']))
{
// Split words and phrases
$words = explode(' ', trim(htmlspecialchars($HTTP_GET_VARS['highlight'])));

for($i = 0; $i < sizeof($words); $i++)
{

Note: 

Please inform as many people as possible about this issue. If you're a hosting provider please inform your customers if possible. Else we advise you implement some level of additional security if you run ensim or have PHP running cgi under suexec, etc.

sharlein writes:  

Flux is the name of a new pest spreading covertly through the internet. Flux is a trojan that is making the life of most anti malware vendors much harder.

Flux is a reverse backdoor type of trojan. Reverse means that rather than the infected machine waiting for a connection to be made from outside, the infected machine trys to make the connection itself. Standard trojans are made up of two parts - the server and the client.
The client is downloaded to infect the machine. The server is another pc somewhere in the world that then tries to communicate with the client. The problem with standard trojans is that if the infected machine has a good firewall, then the server cannot connect to the client. So although the machine is infected, no data is transferred to the server from the client.
To overcome the blocked connection, malware writers now use this reverse logic to make the client machine responsible for the connection. Many standard firewalls will block requests coming in from the internet to connect, but do not block about outgoing requests to connect. Trojans like flux can therefore operate even through most firewalls.
 Read More...