Results 1 to 2 of 2
  1. #1
    Join Date
    Jan 2004
    Posts
    66,347
    Blog Entries
    7
    Plugin Contributions
    271

    Default Security Patches for v1.3.0x

    As a result of a security vulnerability reported today, we are releasing the following patch instructions for anyone using Zen Cart v1.3.0, v1.3.0.1, v1.3.0.2:

    It is strongly advised that you apply these fixes immediately!

    Make the following code edits to secure your site:
    ---------------------------
    1. includes/application_top.php
    line 83:
    Code:
    include($base_dir . $loader_file);
    ADD this new EXTRA line immediately above it
    (Do not REPLACE it .... just INSERT A NEW LINE with this on it):
    Code:
    $autoLoadConfig = array();
    When you're done, it should look like this:
    Code:
    /**
     * load the default application_top autoloader file.
     */
    $autoLoadConfig = array();
    include($base_dir . $loader_file);
    if ($loader_dir = dir(DIR_WS_INCLUDES . 'auto_loaders')) {
    ---------------------------


    2. includes/classes/shopping_cart.php
    line 354:
    Code:
                    set customers_basket_quantity = '" . $quantity . "'
    should be replaced with:
    Code:
                    set customers_basket_quantity = '" . (float)$quantity . "'

    ---------------------------

    3. includes/modules/order_total/ot_coupon.php
    lines 104-108:
    Code:
          $coupon_result=$db->Execute("select coupon_id, coupon_amount, coupon_type, coupon_minimum_order,
                                         uses_per_coupon, uses_per_user, restrict_to_products,
                                         restrict_to_categories from " . TABLE_COUPONS . "
                                       where coupon_code='". $_POST['dc_redeem_code']."'
                                       and coupon_active='Y'");
    should be replaced with:
    Code:
          $sql = "select coupon_id, coupon_amount, coupon_type, coupon_minimum_order, uses_per_coupon, uses_per_user,
                  restrict_to_products, restrict_to_categories 
                  from " . TABLE_COUPONS . "
                  where coupon_code= :couponCodeEntered
                  and coupon_active='Y'";
          $sql = $db->bindVars($sql, ':couponCodeEntered', $_POST['dc_redeem_code'], 'string'); 
    
          $coupon_result=$db->Execute($sql);


    ---------------------------


    4. includes/modules/payment/paypal/paypal_functions.php
    line 35:
    Code:
        $sql = "select * from " . TABLE_PAYPAL_SESSION . " where session_id = '" . $session_stuff[1] . "'";
    should be replaced with these lines:
    Code:
        $sql = "SELECT * 
                FROM " . TABLE_PAYPAL_SESSION . " 
                WHERE session_id = :sessionID";
        $sql = $db->bindVars($sql, ':sessionID', $session_stuff[1], 'string');

    ---------------------------

    5. includes/functions/whos_online.php (only applies to v1.3.0.2 ... if you don't have this line, then you don't have a full v1.3.0.2 install)
    line 101:
    Code:
              set session_id = '" . $new_session . "' WHERE session_id = '" . $old_session . "'";
    should be replaced with these lines:
    Code:
              SET session_id = :newSessionID 
              WHERE session_id = :oldSessionID";
      $sql = $db->bindVars($sql, ':newSessionID', $new_session, 'string'); 
      $sql = $db->bindVars($sql, ':oldSessionID', $old_session, 'string');
    ---------------------------

    A new bugfix release will be published shortly and will contain these fixes.

    It is strongly advised that you apply these fixes immediately!

    NOTE: When editing, be careful not to leave blank lines at the end of your files.
    It is strongly recommended to use a code editor for making changes to these files ... suitable free editors include Notepad++ and Crimson Editor .
    A good free FTP program to use is FileZilla


    ABOUT SECURITY
    In the .zip file you downloaded for installing Zen Cart, and/or in the /docs folder of your site, there is a document called "Important Site Security Recommendations" which you should be addressing. An online version of the same document is available here:
    http://www.zen-cart.com/wiki/index.p...ecommendations



    .

  2. #2
    Join Date
    Jan 2004
    Posts
    66,347
    Blog Entries
    7
    Plugin Contributions
    271

    Default Re: Security Patches for v1.2.x

    For people concerned about v1.2.x, you can tighten security here:

    ---------------------------

    1. includes/classes/shopping_cart.php
    approximately line 256, depending on your version:
    Code:
                    set customers_basket_quantity = '" . $quantity . "'
    should be replaced with:
    Code:
                    set customers_basket_quantity = '" . (float)$quantity . "'
    ---------------------------

    2. includes/modules/order_total/ot_coupon.php
    lines 103-107:
    Code:
          $coupon_result=$db->Execute("select coupon_id, coupon_amount, coupon_type, coupon_minimum_order,
                                         uses_per_coupon, uses_per_user, restrict_to_products,
                                         restrict_to_categories from " . TABLE_COUPONS . "
                                       where coupon_code='". $_POST['dc_redeem_code']."'
                                       and coupon_active='Y'");
    should be replaced with:
    Code:
          $coupon_result=$db->Execute("select coupon_id, coupon_amount, coupon_type, coupon_minimum_order,
                                           uses_per_coupon, uses_per_user, restrict_to_products,
                                           restrict_to_categories from " . TABLE_COUPONS . "
                                           where coupon_code='". zen_db_input($_POST['dc_redeem_code'])."'
                                           and coupon_active='Y'");


    ---------------------------

    ABOUT SECURITY
    In the .zip file you downloaded for installing Zen Cart, and/or in the /docs folder of your site, there is a document called "Important Site Security Recommendations" which you should be addressing. An online version of the same document is available here:
    http://www.zen-cart.com/wiki/index.p...ecommendations


    .

 

 

Similar Threads

  1. Security Patches for v1.5.4 - November 2015
    By DrByte in forum Zen Cart Release Announcements
    Replies: 1
    Last Post: 27 Nov 2015, 06:31 PM
  2. List of Security Patches To Apply for v1.3.x
    By DrByte in forum Zen Cart Release Announcements
    Replies: 0
    Last Post: 1 Jul 2009, 09:59 PM
  3. RE: Security Patches for v1.3.0x
    By wondergirl in forum General Questions
    Replies: 2
    Last Post: 18 Aug 2006, 02:35 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
disjunctive-egg
Zen-Cart, Internet Selling Services, Klamath Falls, OR