| Author |
Message |
djmaze
Subject Matter Expert
Joined: May 15, 2004
Posts: 727
Location: http://tinyurl.com/5z8dmv
|
 Posted:
Thu Feb 23, 2006 9:24 am |
|
|
 
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 17088
|
| Posted:
Thu Feb 23, 2006 12:42 pm |
|
|
|
|
|
evaders99
Former Moderator in Good Standing
Joined: Apr 30, 2004
Posts: 3221
|
| Posted:
Thu Feb 23, 2006 5:08 pm |
|
Secunia, SecurityFocus, and those other sites don't seem to take into account any 3rd party things. If FB doesn't fix it, it never is closed.
Heck, I tried to tell them to use the Patched files, but my email just ended up bouncing through mailing lists and getting spammed. I don't think anyone on those sites care to actually provide solutions, just seem to report issues that hackers jump on before we can. |
_________________
- Only registered users can see links on this board! Get registered or login! -
Need help? Only registered users can see links on this board! Get registered or login! |
|
|
|
|
djmaze
|
| Posted:
Thu Feb 23, 2006 5:57 pm |
|
you are incorrect evaders.
Some exploits do get reported to the vendor before release and others i report as fixed.
See for yourself: http://secunia.com/product/4863/
The one that is open is reported as fixed today so you just check how fast it is marked as patched  |
| |
|
|
|
|
Raven
|
| Posted:
Thu Feb 23, 2006 11:42 pm |
|
DJ, I believe you. However, my experience has been the same as Evaders. On several occasions I have reported errors and fixes to them and they disqualify my responses or bounce them. So, I don't think it's a matter of right and wrong. It's a matter of pick and choose. |
| |
|
|
|
|
djmaze
|
| Posted:
Fri Feb 24, 2006 2:08 am |
|
They request a fixed file source.
Since phpnuke.org doesn't provide it, it doesn't get marked as patched. |
| |
|
|
|
|
evaders99
|
| Posted:
Fri Feb 24, 2006 2:12 pm |
|
Well yea - if the vendor reports the problems themselves...
Unfortunately we know that FB doesn't give a care about users risking their own server. Get me someone over there that will actually repond and I'll see about closing all of those issues  |
| |
|
|
|
|
recep
Hangin' Around
Joined: Dec 11, 2005
Posts: 44
|
| Posted:
Fri Feb 24, 2006 5:32 pm |
|
Where is Fb ? is he sleeping ?
l am thinking these questions answers for a long time ?
there are more than 100000 phpnuke users and lots of supporting websites and members and he is not joining any of them, l am sure even his own website (phpnuke.org), peoples started to search for future opportunities through phpnuke, like united nuke?
raven l want to learn your opinons about united nuke ?
is it written from the begining or just some fixes ?
l also want to ask you raven about codezwiz's Evolution Engine(tm) ,
l have had many questions on my mind to ask but forgetting when l see a huge forum like that |
_________________
[ www.kolayphp.com ] + [ www.bigphp.net ] |
|
|
|
|
recep
|
| Posted:
Fri Feb 24, 2006 5:34 pm |
|
Okey l remembered one of them, there was a website, whish displaying the sucurity bugs of phpnuke powered websites before.
site has a script tool which is displaying the securitu bugs of your phpnuke powered website .
l cant remember which website was that ? do any of your know friends ? |
| |
|
|
|
|
|
|
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
