[IPS News]

Security Update for IP.Board 3.0.2
It has come to our attention that there are two potential SQL injection vulnerabilities present in IP.Board 3.0 which can be taken advantage of via careful URL crafting.

Resolution
The attached zip contains two files which fix the issue. The files are for IP.Board version 3.0.2 only. Those still running 3.0.0 or 3.0.1 will need to upgrade to 3.0.2 as soon as possible.

The main 3.0.2 download zip was updated at 10:15 am EST August 18, 2009. If you download 3.0.2 after this time: your files are already updated.

Simply download the attached zip file and upload the files contained within to your IP.Board directory on your server. No other action is required.

 180809.zip (13.73K)
Number of downloads: 7129

Support Note: While our technical support department will apply this patch for you on request for those with support service, we strongly suggest you apply this patch yourself whenever possible. Applying the patch is a simple matter of uploading files to your server and, once done, your community is instantly protected without having to wait for our technicians to do the upload for you.



Impacted Versions:
3.0.0
3.0.1
3.0.2 versions downloaded before posted time or unpatched

Not Impacted:
2.0.x
2.1.x
2.2.x
2.3.x


The vulnerability information was purchased by Beyond Security's SecuriTeam Secure Disclosure. The discoverer of the vulnerability requested to remain anonymous. IPS thanks this group for bringing it to our attention.

[IPS News]

Manual Patch Instruction
For power users who wish to manually update the PHP source files.

File: "admin/applications/core/modules_public/search/search.php"
Line: 207

Quote

$search_term = str_replace( """, '"', IPSText::parseCleanValue( urldecode( $this->request['search_term'] ) ) );

File: "admin/applications/core/modules_public/global/lostpass.php"
Lines 75 and 439:

Quote

$in_validate_key = IPSText::md5Clean( trim( urldecode( $this->request['aid'] ) ) );