Dear Customers and Friends,
An exploit has come to our attention that necessitates the release of a patch for all currently supported versions, including:
- vBSEO 3.6.0
- vBSEO 3.5.2
- vBSEO 3.5.1 (including PL release)
- vBSEO 3.5.0
Versions below 3.5.0 are no longer supported and have reached end of life. If you are running 3.5.0 or lower, it is strongly suggested that you upgrade to a newer build immediately.
All of the above install packages in the downloads area have been updated should you wish to re-install the entire product. Version numbers have not changed, and there will be no "PL" designation with this update.
Otherwise, the simple fix is to edit the file
Code:
/vbseo/includes/functions_vbseocp_abstract.php
Find:
PHP Code:
public static function proc_deutf($ptxt, $tocharset)
{
$ptxt = preg_replace('#\'([^\']*)(\'\s*\=\>)#mie', '"\'".(($_s = iconv("UTF-8", \''.$tocharset.'\', "$1")) ? $_s : "$1").stripslashes(\'$2\')', $ptxt);
return $ptxt;
}
Replace with:
PHP Code:
public static function proc_deutf($ptxt, $tocharset)
{
$ptxt = preg_replace('#\'([^\']*)(\'\s*\=\>)#mie', '"\'".(($_s = iconv("UTF-8", \''.$tocharset.'\', \'$1\')) ? $_s : \'$1\').stripslashes(\'$2\')', $ptxt);
return $ptxt;
}
Or, you can simply over-write the entire file from the new download up to your site.
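For sites on a PHP version where the /e modifier is no longer available (it was deprecated in PHP 5.5 and removed in PHP 7.0), here is the same conversion written with preg_replace_callback. This is an added example, not vBSEO's code: with /e the replacement string is executed as PHP, so how $1 is quoted inside it decides whether matched input is interpolated (the bug) or stays a literal (the patch above); a callback receives the match as plain data. The function name proc_deutf_callback and the sample input are constructed for this example.

```php
<?php
// Added example, not vBSEO's code: proc_deutf rewritten without the /e modifier.
// The callback is handed the captured groups as strings, so nothing that appears
// inside a matched array key can ever be evaluated as PHP, whatever quoting is used.
function proc_deutf_callback(string $ptxt, string $tocharset): string
{
    return preg_replace_callback(
        '#\'([^\']*)(\'\s*\=\>)#mi',   // vBSEO's pattern, minus the /e flag
        static function (array $m) use ($tocharset): string {
            // Re-encode the quoted array key from UTF-8; keep it as-is if iconv fails,
            // mirroring the ternary in the original replacement.
            $converted = @iconv('UTF-8', $tocharset, $m[1]);
            $key = ($converted === false) ? $m[1] : $converted;

            // The original called stripslashes('$2') only to undo the escaping that
            // /e adds to substituted back-references. A callback receives $m[2]
            // unescaped, so it is used directly.
            return "'" . $key . $m[2];
        },
        $ptxt
    );
}

// Constructed sample input: one key with a non-ASCII character (converted by
// iconv) and one containing a dollar sign (left untouched, never interpolated).
$sample = "array('Straße' => 1, 'price_\$USD' => 2)";
$out    = proc_deutf_callback($sample, 'ISO-8859-1');

// 'ß' shrinks from two UTF-8 bytes to one ISO-8859-1 byte; everything else is identical.
echo strlen($sample), ' bytes in, ', strlen($out), ' bytes out', PHP_EOL;
echo (strpos($out, 'price_$USD') !== false) ? "dollar sign kept literal\n" : "unexpected\n";
```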
Please take immediate action to protect your sites.
IMPORTANT
It has been reported that some sites have had unexpected plugins show up in their plugin list in the vB AdminCP. Please take the time to go through your plugin list. If you see anything that does not look familiar, it may be wise to disable that plugin while troubleshooting further. Most reports have been tied to the global_complete hook under the core 'vBulletin' product, but injected plugins may also be elsewhere. We are unsure of any implications or ramifications that may have resulted, as any amount of code or text may have been injected. However, what we have seen so far appears to be a link-stealer for outbound traffic and does not necessarily expose any information or passwords from your site. It is always a good idea to update your FTP, server, vB admin, vBSEOCP and even any .htaccess passwords on your server as a precaution.
If you find any more information about the issue, please do bring it to our attention ASAP so it can be addressed. If you have any questions, please feel free to open up a ticket or thread and we will be glad to assist further.
From the FAQ: I was hit, how do I fix it?
Go through your plugin list. If you see anything that does not look familiar, it may be wise to disable that plugin while troubleshooting further. Most reports have been tied to the global_complete hook under the core 'vBulletin' product, but injected plugins may also be elsewhere.
Testing Utility
To help in seeking suspect plugins, we have created a small utility that verifies the source code of all your plugins and datastore for known patterns of malicious plugins that have been reported: