Jump to content

Whmcs 5.28 Com Outra Falha De Segurança? Já?


Recommended Posts

E-la-vamos-n%C3%B3s222.jpg

 

E lá vamos nós...

Lembrei de outro episodio do pica pau que tem um balão assim:

Mulheres, iates, dinheiro, mulheres, iates dinheiro...etc

No nosso caso:

Problemas para registrar dominios, problemas com ticket, problemas com emails, problemas com novos registros huauahuahauahuahuahuha

AtarWeb.com.br • Hospedagem de Site + SSL Grátis
█ Revenda de Hospedagem CPanel e DirectAdmin SSD + SSL Grátis
Link to comment
Share on other sites

No blog do whmcs:

 

 

 

Security Status Update


As you may be aware, a security issue has been published which affects all known versions of WHMCS.

We are currently aware of the issue and are working on a software update to prevent this attack vector from being successful.

We will be publishing software updates for the versions in Active Development and LTS per our Long Term Support Policy:

http://docs.whmcs.com/Long_Term_Support

Please keep watch on our blog, facebook and twitter to receive the latest updates.

AtarWeb.com.br • Hospedagem de Site + SSL Grátis
█ Revenda de Hospedagem CPanel e DirectAdmin SSD + SSL Grátis
Link to comment
Share on other sites

Acabou de sair do forno:

 

 

 

WHMCS Security Advisory for 5.x


WHMCS has released new patches for the 5.2 and 5.1 minor releases. These updates provide targeted changes to address security concerns with the WHMCS product. You are highly encouraged to update immediately.

WHMCS has rated these updates as having critical security impacts. Information on security ratings is available athttp://docs.whmcs.com/Security_Levels

Releases
The following patch release versions of WHMCS have been published to address a specific SQL Injection vulnerability:
v5.2.9
v5.1.11

Security Issue Information
This resolves the security issue that was publicly disclosed by "localhost" on October 18th, 2013.
This also includes some additional changes to protect against potential SQL injection vectors and additional security measures for admin account management.


Mitigation

WHMCS Version 5.2

Download and apply the appropriate patch files to protect against these vulnerabilities.

Patch files for affected versions of the 5.2 series are located on the WHMCS site as itemized below.

v5.2.9 (full version) - Downloadable from the WHMCS Members Area
v5.2.9 (patch only; for 5.2.8 ) - http://go.whmcs.com/238/v529_Incremental

To apply a patch, download the files indicated above and replace the files within your installation.
No upgrade process is required.

WHMCS Version 5.1

Download and apply the appropriate patch files to protect against these vulnerabilities.

Patch files for affected versions of the 5.1 series are located on the WHMCS site as itemized below.

v5.1.11 (patch only; for 5.1.10) - http://go.whmcs.com/234/v5111_Incremental

To apply a patch, download the files indicated above and replace the files within your installation.
No upgrade process is required.



All versions of WHMCS are affected by this vulnerability, however only 5.1 and 5.2 will be provided updates per our Long Term Support Policy.

You can read more about our Long Term Support Policy here:

http://docs.whmcs.com/Long_Term_Support



This Security Advisory is in the process of being emailed to all active license holders.

AtarWeb.com.br • Hospedagem de Site + SSL Grátis
█ Revenda de Hospedagem CPanel e DirectAdmin SSD + SSL Grátis
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

Do you agree with our terms?