Patches&Updates PhpBB and Sudo Security Fix



28 Oct 2005

PhpBB: the recently found vulnerability concerns those who enabled "avatar uploading" in the avatar settings. By default, it is disabled in H-Sphere. To fix the vulnerability, disable the "avatar uploading" setting.

Sudo: to fix the vulnerability:

  1. Log into your control panel server as root:
    su -
  2. Remove files of the previous patch:
    rm -f fix_sudo*
  3. Download the patch package from our site:
    Linux:
    wget http://www.psoft.net/shiv/HS/fix_sudo.gz
    FreeBSD:
    fetch http://www.psoft.net/shiv/HS/fix_sudo.gz
  4. Unpack the archive:
    gunzip fix_sudo.gz
  5. Run the script:
    /bin/sh fix_sudo


Copyright 1998-2008. Positive Software Corporation.
All rights reserved.