[CentOS] Off-Topic Mambo Vulnerabilities & Patches
Jim Smith
jim_smith2006 at yahoo.com
Tue Feb 28 14:12:02 UTC 2006
This has been assigned, CVE-2006-0871 on
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0871
http://secunia.com/advisories/18935/ has some interesting details and
the requirement for "magic_quotes_gpc" is disabled for the Mambo SQL
Injection and File Inclusion Vulnerabilities.
While Mambo and VBulletin do suffer from vulnerabilities, (probably
once per year), they have a better security record than phpbb/phpnuke
which have vulnerabilities/incidents upto 4 times per year. Some
hosts ban phpbb from their servers.
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
More information about the CentOS
mailing list