Site Links
Pricing & Order
Members Area
Support Options
Who's Online Now
1 registered members (Gizmo), 67 guests, and 223 spiders.
Key: Admin, Global Mod, Mod
Member Spotlight
Posts: 1,803
Joined: December 2003
Show All Member Profiles 
Top Posters(30 Days)
isaac 43
Ruben 24
M4TT 24
Gizmo 18
Morgan 13
Jake 4
Latest Photos
Big stuff
Testing to drag photos
Comfortable Cats
Previous Thread
Next Thread
Print Thread
extreme security bug used to send ou 100.000s of spam emails #194771
08/21/07 04:34 AM
08/21/07 04:34 AM
wnedoe  Offline OP
Joined: Aug 2007
Posts: 1
I use version 6.5

My provider informed me that the UBBT script addpost_newpoll.php
was used to send ou more than 100.000 spam emails and nearly cancelled my contract.

It seems that this is a well known bug at least to spammers as they had even programmed a complete USER INTERFACE for sending spam with UBBt and so probably millions of spam emails are sent out each day with he help of ubbt.

The way this script is/was abused

/forum//addpost_newpoll.php?addpoll=preview&thispath= HTTP/1.1" 200

(the abuse script has gone at this place but is probably to be found at a lot of places elsewhere

Re: extreme security bug used to send ou 100.000s of spam emails [Re: wnedoe] #194772
08/21/07 05:19 AM
08/21/07 05:19 AM
Gizmo  Online Tapedshut
UBB.threads Developer
Joined: Jun 2006
Posts: 15,808
Portland, OR; USA
Are you running 6.5? If so, security issues are well known in builds prior to 6.5.5, you should consider upgrading.

I am a Web Development Contractor, I do not work for UBBCentral. I have provided free User to User Support since the beginning of these support forums.
Need to Upgrade?
Forums: A Gardeners Forum Scouters World
UBB.threads: UBBWiki, UBB Styles, UBB.Sitemaps
Longtime Supporter & Resident Post-A-Holic
VNC Web Services: Code Modifications, Upgrades, Styling, Coding Services, Disaster Recovery, and more!
Re: extreme security bug used to send ou 100.000s of spam emails [Re: Gizmo] #194779
08/21/07 10:55 AM
08/21/07 10:55 AM
Rick  Offline
Former Developer
Joined: Jun 2006
Posts: 9,246
Aberdeen, WA
Yes, we sent out an email to all of our customers when we were made aware of this and had a patch out to fix it. You should definitely at least upgrade to 6.5.5 at the minimum.

ShoutChat Box
Today's Birthdays
No Birthdays
Recent Topics
Can i go from 7.6.0 to 7.7.1 directly?
by Crasher - 03/21/19 12:15 PM
Follow Thread Button Not Aligned
by M4TT - 03/16/19 09:24 PM
Author Content Portrait Avatars
by M4TT - 03/16/19 09:12 PM
problem with ubbthreads dark scheme
by TheBrit - 03/15/19 04:17 PM
7.7.1 Forums and Categories
by AstroCat - 03/15/19 08:16 AM
Forum Statistics
Most Online978
Jun 24th, 2007
Random Image
Powered by UBB.threads™ PHP Forum Software 7.7.2
(Snapshot build 20190227)