Go Back   Mosets Community > Mosets Announcements and Discussions > Announcements

Reply
 
Thread Tools Search this Thread Display Modes
  #1  
Old 09-13-2010, 03:27 PM
dknight dknight is offline
Mosets Team - Lead Developer
 
Join Date: Dec 2004
Posts: 25,895
Lightbulb Mosets Tree 2.1.6 update available with a security fix

It has come to my attention that Mosets Tree 2.1.5 and below contains a security vulnerability affecting the attachment and image upload feature that allows users to upload and execute arbitrary codes on your website. This affects all Mosets Tree 2.1.x installation that accepts front-end attachments or images submission.

This release addresses the security vulnerability and fixes all bugs that have been reported since 2.1.5's release. Changes:
  • Fixed bug in certain custom field when values contains double quote.
  • mod_mt_search: Added parent_cat_id to searchword's input field to enable the ability to have 2 or more search modules appearing on the same page.
  • Fixed a variable typo that causes no e-mail to be sent to public listing owners when their listings are approved.
  • Fixed bug where Add category form is accessible even when disabled.
  • Fixed an image upload vulnerability by accepting images with file extension ending with gif, png, jpg or jpeg only. (Reported by Jeff Channell)
  • Added a new internal config (banned_attachment_filetypes) to prevent PHP file from being uploaded as attachment.

All users that are running Mosets Tree 2.1 series are advised to upgrade to 2.1.6 immediately.

Downloading the upgrade

The upgrade is available at your account by logging in to http://www.mosets.com/login/ and clicking at Mosets Tree subscription number. Full install and upgrade instructions are also available there.
__________________
Lee
Lead Developer
Mosets.com - Quality Joomla! Solutions

Last edited by dknight; 09-16-2010 at 02:54 PM.
Reply With Quote
  #2  
Old 09-16-2010, 04:12 PM
dknight dknight is offline
Mosets Team - Lead Developer
 
Join Date: Dec 2004
Posts: 25,895
Default Patch instructions for users running Mosets Tree 2.0.x

If you are still running Mosets Tree version 2.0.x, follow these instructions to patch this vulnerability.

FILE: /components/com_mtree/mtree.php

Find these codes near line 3484:
PHP Code:
                        $file_extension pathinfo($original_image->filename);
                        
$file_extension strtolower($file_extension['extension']); 
and replace with the following:
PHP Code:
                        $file_extension pathinfo($original_image->filename);
                        
$file_extension strtolower($file_extension['extension']);

                        if( !
in_array($file_extension,array('png','gif','jpg','jpeg')) ) {
                            continue;
                        } 
__________________
Lee
Lead Developer
Mosets.com - Quality Joomla! Solutions
Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Mosets Tree 2.1.5 update available dknight Announcements 0 07-01-2010 07:24 PM
Mosets Tree 2.1.1 upgrade available dknight Announcements 1 08-13-2009 07:58 PM
Mosets Tree 2.0.4 upgrade available dknight Announcements 0 11-21-2007 01:11 PM
Mosets Tree 2.0 released dknight Announcements 0 08-02-2007 05:32 PM


All times are GMT +8. The time now is 03:57 AM.

Copyright © 2005-2010 Mosets Consulting

Powered by vBulletin® Version 3.8.6
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.