Register Log In

UBB.threads PHP Forum Software Community Forums UBB.threads 6 Version 6 Support threads 6.5.5 vulnerability

Print Thread

Hop To

threads 6.5.5 vulnerability #129683 07/31/2006 5:20 PM
Joined: Sep 2004 Posts: 21 J John B stranger
John B stranger J Joined: Sep 2004 Posts: 21	Is anybody aware of a vunerability issue with 6.5.5? Some bastard got in our board and was sending phishing mail from our site - any clues? Thanks, John

Re: threads 6.5.5 vulnerability #129684 07/31/2006 8:02 PM
Joined: Jun 2006 Posts: 9,242 Likes: 1 Aberdeen, WA R Rick Former Developer
Rick Former Developer R Joined: Jun 2006 Posts: 9,242 Likes: 1 Aberdeen, WA	No vulnerabilities exist in 6.5.5 that I'm aware of. If this was an upgrade from an earlier version it's highly possible that they had exploited the old version and possibly left a backdoor. Did you recently upgrade from an older version?

Re: threads 6.5.5 vulnerability #129685 08/01/2006 4:11 AM
Joined: Feb 2006 Posts: 31 L Luka newbie
Luka newbie L Joined: Feb 2006 Posts: 31	Are you sure the phishing mail is coming from your site ? Or are they just using your site name/address/whatever as their "beard" ? (Faking it.)

Re: threads 6.5.5 vulnerability #129686 08/01/2006 4:21 AM
Joined: Feb 2006 Posts: 31 L Luka newbie
Luka newbie L Joined: Feb 2006 Posts: 31	Rick, Speaking of backdoors, and I hope it's ok to ask this question here instead of starting another thread... When I upgraded, I found files on my server that I had not seen before. Those files are... .bash_logout .bash_profile .bashrc .gtkrc .shadow The files just looked suspicious to me. Since I don't know what they are, I renamed all of them before I started my upgrade. I haven't had any problems. I know they are probably just standard linux/unix files, and I am probably showing grand and undiluted ignorance here... Could these have been some sort of backdoor or rootkit ?

Re: threads 6.5.5 vulnerability #129687 08/01/2006 1:05 PM
Joined: Jun 2006 Posts: 9,242 Likes: 1 Aberdeen, WA R Rick Former Developer
Rick Former Developer R Joined: Jun 2006 Posts: 9,242 Likes: 1 Aberdeen, WA	Those all look like standard Linux files for your server profile. You'll have a variety of . files in your home directory on the server. If you see . files within your subdirectories then it might be something to worry about unless you specifically placed them there like a .htaccess file.

Re: threads 6.5.5 vulnerability #129688 08/02/2006 1:58 AM
Joined: Feb 2006 Posts: 31 L Luka newbie
Luka newbie L Joined: Feb 2006 Posts: 31	Thank you Rick.

Link Copied to Clipboard

Comment Guidelines: Do post respectful and insightful comments. Don't flame, hate, spam.

Bots
by Outdoorking - 04/13/2024 5:08 PM

Can you add html to language files?
by Baldeagle - 04/07/2024 2:41 PM

Do I need to rebuild my database?
by Baldeagle - 04/07/2024 2:58 AM

This is not a bug, but a suggestion
by Baldeagle - 04/05/2024 11:25 PM

Is UBB.threads still going?
by Aaron101 - 04/01/2022 8:18 AM

Who's Online Now

0 members (), 925 guests, and 159 robots.

Key: Admin, Global Mod, Mod

Random Gallery Image

Latest Gallery Images

Los Angeles

Los Angeles
by isaac, August 6

3D Creations

3D Creations
by JAISP, December 30

Artistic structures

Artistic structures
by isaac, August 29

Stones

Stones
by isaac, August 19

Powered by UBB.threads™ PHP Forum Software 8.0.0
(Preview build 20230217)