Site Links
Pricing & Order
Members Area
Support Options
Who's Online Now
2 registered members (GliderCENTRAL, Gizmo), 48 guests, and 207 spiders.
Key: Admin, Global Mod, Mod
Member Spotlight
Posts: 543
Joined: March 2007
Show All Member Profiles 
Top Posters(30 Days)
Gizmo 16
SteveS 8
isaac 7
Morgan 5
jorb 4
Ruben 3
Latest Photos
Testing to drag photos
Comfortable Cats
BSA photos
Previous Thread
Next Thread
Print Thread
extreme security bug used to send ou 100.000s of spam emails #194771
08/21/07 03:34 AM
08/21/07 03:34 AM
wnedoe  Offline OP
Joined: Aug 2007
Posts: 1
I use version 6.5

My provider informed me that the UBBT script addpost_newpoll.php
was used to send ou more than 100.000 spam emails and nearly cancelled my contract.

It seems that this is a well known bug at least to spammers as they had even programmed a complete USER INTERFACE for sending spam with UBBt and so probably millions of spam emails are sent out each day with he help of ubbt.

The way this script is/was abused

/forum//addpost_newpoll.php?addpoll=preview&thispath= HTTP/1.1" 200

(the abuse script has gone at this place but is probably to be found at a lot of places elsewhere

Re: extreme security bug used to send ou 100.000s of spam emails [Re: wnedoe] #194772
08/21/07 04:19 AM
08/21/07 04:19 AM
Gizmo  Online Tapedshut
UBB.threads Developer
Joined: Jun 2006
Posts: 17,011
Portland, OR; USA
Are you running 6.5? If so, security issues are well known in builds prior to 6.5.5, you should consider upgrading.

I am a Web Development Contractor, I do not work for UBBCentral. I have provided free User to User Support since the beginning of these support forums.
Need to Upgrade?
Forums: A Gardeners Forum Scouters World
UBB.threads: UBBWiki, UBB Styles, UBB.Sitemaps
Longtime Supporter & Resident Post-A-Holic
VNC Web Services: Code Modifications, Upgrades, Styling, Coding Services, Disaster Recovery, and more!
Re: extreme security bug used to send ou 100.000s of spam emails [Re: Gizmo] #194779
08/21/07 09:55 AM
08/21/07 09:55 AM
Rick  Offline
Former Developer
Joined: Jun 2006
Posts: 10,177
Aberdeen, WA
Yes, we sent out an email to all of our customers when we were made aware of this and had a patch out to fix it. You should definitely at least upgrade to 6.5.5 at the minimum.

Shout Box
Today's Birthdays
No Birthdays
Recent Topics
errors importing a database
by andrewjs18. 12/11/18 03:51 AM
Private Message, Opt out of conversation
by jorb. 12/04/18 10:11 PM
Disable IP display in Who's Online?
by Baldeagle. 11/29/18 09:05 PM
Permissions problem
by Baldeagle. 11/25/18 09:44 PM
Reddy Kilowatt
by SteveS. 11/20/18 08:30 AM
Forum Statistics
Most Online978
Jun 24th, 2007
Random Image
Powered by UBB.threads™ PHP Forum Software 7.6.2