lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20050620123028.10431.qmail@cgisecurity.net>
Date: Mon Jun 20 13:45:36 2005
From: bugtraq at cgisecurity.net (bugtraq@...security.net)
Subject: Security of phpBB

> 
> Hi,
> 
> I am new to this list and to security in general so please excuse my 
> question. A friend told me that our forum software phpBB is not very secure 
> and told me about this. Where can I get information on that? What must I do 

www.securityfocus.com has an archive of just about every phpbb issue. You probably also
want to check the vendor changelog at www.phpbb.com.



> to make it secure?

Uninstall it. In all seriousness I'd say phpbb and phpnuke have some of the worst track records 
for a web application ever.

- admin@...security.com
http://www.cgisecurity.com 

> 
> Thank you.
> 
> Kind regards,
> Tom Edwards, Manager
> 
> _________________________________________________________________
> MSN Hotmail. Anmelden und gewinnen! http://www.msn.de/email/webbased/ Ihre 
> Chance, eines von 10 T-Mobile MDA II zu gewinnen!
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ