Patch Level 1 for vBulletin v3.7.3 (Patch Only)

al3bed

New Member
Hi,

A report was published recently pointing to potential flaws within the random number generator in PHP applications that use a weak seed and then go on to disclose any of the random numbers generated. This flaw could allow random numbers within vBulletin to be predicted and under the correct circumstances allow an attacker to obtain access to a user's account. To resolve this issue, it is necessary to release patch level versions of vBulletin 3.7.3.

source: vBulletin 3.7.3 PL1 and 3.6.11 PL1 Released - vBulletin Community Forum

Here are 4 files; we can call them PL1 for 3.7.3.
I edited them based on the DGT files here: http://www.vbteam.info/vb-3-7-x-releases/8994-dgt-vbulletin-3-7-3-a.html

download files from attachment OR mirror: PL1_3.7.3.zip


good luck..
 

al3bed

New Member
Dear Hoxxy, you don't need to post this attention here because I am not a nuller person :D I just edit files.

Anyone who doesn't trust these files can edit them themselves:
1. global.php
find:
PHP:
$cronimage = '<img src="' . create_full_url('cron.php?' . $vbulletin->session->vars['sessionurl'] . 'rand=' .  vbrand(1, 1000000)) . '" alt="" width="1" height="1" border="0" />';

replace it with:
PHP:
$cronimage = '<img src="' . create_full_url('cron.php?' . $vbulletin->session->vars['sessionurl'] . 'rand=' .  TIMENOW) . '" alt="" width="1" height="1" border="0" />';
save.

2. class_core.php ... inside includes folder
find:
PHP:
return md5(TIMENOW . SCRIPTPATH . SESSION_IDHASH . SESSION_HOST . vbrand(1, 1000000));

replace it with:
PHP:
return md5(uniqid(microtime(), true));
save.

3. functions.php ... inside includes folder
find:
PHP:
// #############################################################################
/**
* vBulletin's own random number generator
*
* @param    integer    Minimum desired value
* @param    integer    Maximum desired value
* @param    mixed    Seed for the number generator (if not specified, a new seed will be generated)
*/
function vbrand($min, $max, $seed = -1)
{
    if (!defined('RAND_SEEDED'))
    {
        if ($seed == -1)
        {
            $seed = (double) microtime() * 1000000;
        }
        mt_srand($seed);
        define('RAND_SEEDED', true);
    }
    return mt_rand($min, $max);
}

replace it with:
PHP:
// #############################################################################
/**
* vBulletin's own random number generator
*
* @param    integer    Minimum desired value
* @param    integer    Maximum desired value
* @param    mixed    No longer used, was previously seed to the generator
*/
function vbrand($min = 0, $max = 0, $seed = null)
{
    mt_srand(crc32(microtime()));
    if ($max AND $max <= mt_getrandmax())
    {
        $number = mt_rand($min, $max);
    }
    else
    {
        $number = mt_rand();
    }
    // reseed so any calls outside this function don't get the second number
    mt_srand();
    return $number;
}
save.

4. version_vbulletin.php ... inside includes folder
replace all with:
PHP:
<?php
define('FILE_VERSION_VBULLETIN', '3.7.3 Patch Level 1');
?>
save.



I just want to help, no more.
good luck
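
Added example, not part of the original post and not vBulletin code: it contrasts the seed expression of the old vbrand() with the patched one from step 3, and shows a seedless alternative for secrets. The function names and the microtime() strings are constructed for illustration, and random_bytes() assumes PHP 7 or later.

```php
<?php
// Added illustration, not vBulletin code; function names are hypothetical.

// Seed expression of the pre-patch vbrand(). The cast keeps only the leading
// "0.uuuuuu00" fraction of microtime()'s "frac sec" string, so the seed is
// always one of 1,000,000 values (about 20 bits).
function legacy_seed(string $microtime): int
{
    return (int) ((float) $microtime * 1000000);
}

// Seed expression of the patched vbrand(): CRC32 over the whole string,
// so the whole-second part also contributes (32 bits, still clock-derived).
function patched_seed(string $microtime): int
{
    return crc32($microtime);
}

// mt_rand() is deterministic: the seed fixes every value that follows.
function first_output(int $seed): int
{
    mt_srand($seed);
    return mt_rand(1, 1000000);
}

// For secrets (session hashes, reset tokens) on PHP 7+: OS CSPRNG, no seed.
function secure_token(int $bytes = 16): string
{
    return bin2hex(random_bytes($bytes));
}

// Constructed microtime() values: same microsecond, different second.
$t1 = '0.12345600 1220000000';
$t2 = '0.12345600 1230000000';

printf("legacy seeds:  %d / %d\n", legacy_seed($t1), legacy_seed($t2));
printf("legacy output: %d / %d\n", first_output(legacy_seed($t1)), first_output(legacy_seed($t2)));
printf("patched seeds: %d / %d\n", patched_seed($t1), patched_seed($t2));
printf("CSPRNG tokens: %s / %s\n", secure_token(), secure_token());
mt_srand(); // reseed so later mt_rand() calls in the process are not tied to the demo seed
```

The two legacy seeds, and therefore the two legacy outputs, are identical because the whole-second field of microtime() never reaches the seed.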