| Product Updates All updates, fixes and patches to the script. |
09-11-2006, 07:01 PM
|
#1
|
|
Managing Director
Join Date: Sep 2005
Age: 34
Posts: 1,713
Rep Power: 10
|
3.25 Security Patch Released (SA21855)
A critical vulnerability has been found in Vivvo 3.2 and Vivvo 3.25, which can be exploited by malicious people to conduct SQL Injection and File Inclusion attacks and therefore compromise a vulnerable system.
We strongly advise everyone to download and apply the patch from this location.
Instructions:
Download the .zip file, unpack, choose your version (3.2 vs. 3.25) and overwrite the existing files in root folder.
If you're unsure what version of Vivvo do you have on the server, check the version.txt file in root folder of your site.
|
|
|
|
09-11-2006, 07:33 PM
|
#2
|
|
Managing Director
Join Date: Sep 2005
Age: 34
Posts: 1,713
Rep Power: 10
|
Important Notice
Important notice:
Everybody affected with the latest attack, make sure to check your /templates folder.
If you find ANY .php file inside, make sure to IMMEDIATELY delete it, for the attackers probably left troyans inside.
|
|
|
|
|
09-12-2006, 12:54 AM
|
#3
|
|
New Vivvo User
Join Date: May 2006
Posts: 25
Rep Power: 0
|
Thanks Boccio
youre a star - i have now replaced the files in the patch successfully - hope this will make the script difficult to penetrate - CHEERS
|
|
|
|
|
09-12-2006, 08:02 AM
|
#4
|
|
New Vivvo User
Join Date: May 2006
Posts: 13
Rep Power: 0
|
Hi Boccio,
I have just installed the patch but now have this 'Dengesiz Team' displayed instead of our homepage. Is this part of the problem?
What should I do now? Re-install?
|
|
|
|
|
09-12-2006, 08:07 AM
|
#5
|
|
New Vivvo User
Join Date: May 2006
Posts: 13
Rep Power: 0
|
Hi,
Managed to find the rogue file. Somebody had replaced the original index.php.
Otherwise site seems to be ok.
|
|
|
|
|
09-12-2006, 09:35 AM
|
#6
|
|
Managing Director
Join Date: Sep 2005
Age: 34
Posts: 1,713
Rep Power: 10
|
Yes, the attacker defaced your website, so anyone else having the similar problem - just replace the normal index.php file.
|
|
|
|
|
09-12-2006, 09:41 AM
|
#7
|
|
New Vivvo User
Join Date: Jun 2006
Age: 24
Posts: 4
Rep Power: 0
|
Thanks Boccio, you are the best 
__________________
-- misli mene gone --
|
|
|
|
|
09-12-2006, 09:45 AM
|
#8
|
|
New Vivvo User
Join Date: May 2006
Posts: 3
Rep Power: 0
|
Question
hi, thanks for this update, but i have a question.
once i asked to change the code in a way to put make the latest news get its data from one category not all the categories are found in the site, so what you helped me with is that makeing some changes in the code related to latest and fetured news.
and i want to update the site, so i could not amend the old one cause the second one will view the articles from all categories, how you could help me with that.
kind Regards
|
|
|
|
|
09-12-2006, 01:24 PM
|
#9
|
|
Managing Director
Join Date: Sep 2005
Age: 34
Posts: 1,713
Rep Power: 10
|
Contact our support staff via HelpDesk, we'll manually patch all customized versions of Vivvo.
|
|
|
|
|
09-12-2006, 05:34 PM
|
#10
|
|
New Vivvo User
Join Date: May 2006
Posts: 3
Rep Power: 0
|
Thanks
Thank you very much
kind regards
|
|
|
|
|
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
|
|
|
| Thread Tools |
|
|
| Display Modes |
 Linear Mode
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
|
Support HelpDesk:
You can submit a trouble ticket in the support area at any time, using your client area email and password.
Vivvo CMS Resource Center:
The Vivvo CMS Resource Center is your window to a variety of resources that showcase Vivvo's features and technologies. So whether you're brand new to Vivvo or a seasoned user, you can find the information you need right here!
Latest Additions:
Contact us:
Business hours
Mon-Fri 9:00AM - 6:00PM GMT+1
(Europe)
Telephone Sales
381 11 311-50-20
Email inquiries
sales@vivvo.net
(Sales inquiries)
support@vivvo.net
(Support inquiries)
|
Six months free upgrades