From: UseBB Team <contact@us...> - 2007-09-29 11:48:28
I am happy to announce version 1.0.8 of the light and Open Source
PHP/MySQL bulletin board package "UseBB".
Version 1.0.8 is a minor security and bug fix release. The most
important fix is for a few full path disclosure vulnerabilities reported
by Ilia Alshanetsky. Upgrading is highly recommended. Visit
http://www.usebb.net/downloads/ for downloads. Information about
upgrading is available in the docs/index.html document.
One of the discovered vulnerabilities is the same one found in 1.0.5 and
prior releases. The fix introduced in 1.0.6 turned out insufficient and
the vulnerability appeared to come forward in another case as well. It
does not pose a direct threat to the forum but may disclose sensitive
information which may be abused by a user who has shell access to the
server or can abuse another vulnerable application or script.
Thus, as always, it is highly advised to regularly check for and install
updates of installed software. Nobody except the owner is responsible
when a vulnerability in an outdated version of an application has been
UseBB Project Manager
Get latest updates about Open Source Projects, Conferences and News.