Subrion 2.0 Vulnerability

**Vasily B.** · 06-17-2011

Greetings,

Recently some of our member websites were hacked. All Subrion 2.0 versions are affected. Please apply the fix ASAP or you can contact our tech support and the guys will take care of it for you.

Steps to exclude logging in vulnerability error:

You should include these statement to /includes/classes/ia.core.users.php file

PHP Code:


			
$user = preg_replace('/[^a-zA-Z0-9._-]/', '', $user);

right before this statement:

PHP Code:


			
$row = $this->iaDb->row('*', ($uid == 0 ? "`username` = '$user' AND `password` = '$pass'" : "`id`='{$uid}'"), 0, null, 'accounts');

the statement above is placed in "getAuth" php function as a first instruction,
the line number you will find this statement is 346.

In other words, you should make the first above statement a first instruction of function getAuth.

So, finishing these steps the function text has to be like this:

PHP Code:


			
function getAuth($uid, $user = '', $pass = '')
{
$user = preg_replace( "/[^a-zA-Z0-9._-]/", '', $user);
$row = $this->iaDb->row('*', ($uid == 0 ? "`username` = '$user' AND `password` = '$pass'" : "`id`='{$uid}'"), 0, null, 'accounts');
...

Please accept our apologizes.

starnetwork · 07-28-2011

Hi,
when I add this code, users can't login to the admin panel.

Best Regards,
Star Netowrk.

Janur J. · 08-01-2011

Quote:

Originally Posted by starnetwork

Hi,
when I add this code, users can't login to the admin panel.

a bit strange.
can this particular user log in to front side? it is an important question, since the script has common authorization mechanism for both admin and front sides.

please provide with the appropriate ticket at Intelliants LLC - Powered by Kayako Fusion [beta] Help Desk Software

06-17-2011	#1 (permalink)
Vasily B. Administrator Join Date: Feb 2008 Location: Kyrgyzstan, Bishkek Posts: 510	Subrion 2.0 Vulnerability Greetings, Recently some of our member websites were hacked. All Subrion 2.0 versions are affected. Please apply the fix ASAP or you can contact our tech support and the guys will take care of it for you. Steps to exclude logging in vulnerability error: You should include these statement to /includes/classes/ia.core.users.php file PHP Code: `$user = preg_replace('/[^a-zA-Z0-9._-]/', '', $user);` right before this statement: PHP Code: $row = $this->iaDb->row('', ($uid == 0 ? "`username` = '$user' AND `password` = '$pass'" : "`id`='{$uid}'"), 0, null, 'accounts'); the statement above is placed in "getAuth" php function as a first instruction, the line number you will find this statement is 346. In other words, you should make the first above statement a first instruction of function getAuth. So, finishing these steps the function text has to be like this: PHP Code: function getAuth($uid, $user = '', $pass = '') { $user = preg_replace( "/[^a-zA-Z0-9._-]/", '', $user); $row = $this->iaDb->row('', ($uid == 0 ? "`username` = '$user' AND `password` = '$pass'" : "`id`='{$uid}'"), 0, null, 'accounts'); ... Please accept our apologizes. __________________ Auto classifieds script, Best Articles Script, Web Directory Software, Realty Classifieds Script, eLitius Affiliate Tracking Script - Open Source Affiliate Script, Free Directory Script - Best Free Directory Script Follow Surbion CMS news and updates on Subrion Twitter

07-28-2011	#2 (permalink)
starnetwork Member Join Date: Nov 2007 Posts: 32	Re: Subrion 2.0 Vulnerability Hi, when I add this code, users can't login to the admin panel. Best Regards, Star Netowrk.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode