Welcome, Guest. Please Login or Register.
November 27, 2024, 08:51:37 PM
Home Help Search Log in Register
News: If you are still using YaBB SE, please consider upgrading to SMF as soon as possible.

YaBB SE Community  |  General Category  |  Feedback  |  YaBB SE banned.... « previous next »
Pages: 1 [2] 3 4 Reply Ignore Print
Author Topic: YaBB SE banned....  (Read 12478 times)
[Unknown]
Global Moderator
YaBB God
*****
Posts: 7830


ICQ - 179721867unknownbrackets@hotmail.com WWW
Re:YaBB SE banned....
« Reply #15 on: May 21, 2003, 01:47:05 AM »
Reply with quote

Here's a breakdown for you.

http://www.securityfocus.com/search?query=yabbse (6 holes, same as phpBB.)

First one: fake.
Second one: tells about first being a fake.
3rd: also fake.

4th: found and fixed in 1.5.2.
5th: we issued a fix like immediately, fixed in 1.5.1.
6th: found and fixed in 1.5.x.

Now search for YaBB SE...
http://www.securityfocus.com/search?query=yabb%20se (8 matches.)

1st: fixed in 1.5.2.
2nd: duplicate. Same as 1st.
3rd: fixed in 1.5.2. (same as 4th from the last group.)
4th: fixed in 1.5.1. (same as "yabbse"'s 5th.)
5th: fixed in 1.5.x.
6th: not YaBB SE.
7th: not YaBB SE.
8th: not YaBB SE.

To summarize.  We have 5 distinct actual holes.... all fixed.  In fact, they were all fixed QUITE immediately, if I do say so myself.

And, yes, it is known that someone who has personal issues with YaBB SE is doing a "smear campaign."  He and/or his associated host have probably given your host false information.

Anyhow, there's lots of paid hosting to be had.  If they don't want your business, screw them.  (you should let them know that.  You'll be surprised how quickly businesses - any businesses - move when you say that.  Best way to fix a situation where you've been screwed royally - like this one.)

-[Unknown]
Logged
[Unknown]
Global Moderator
YaBB God
*****
Posts: 7830


ICQ - 179721867unknownbrackets@hotmail.com WWW
Re:YaBB SE banned....
« Reply #16 on: May 21, 2003, 01:47:53 AM »
Reply with quote

Addendum to my last post.

http://www.securityfocus.com/search?query=phpbb

I got 60 results.  That's a lot.

-[Unknown]
Logged
Coyote
YaBB God
*****
Posts: 702


I love YaBB SE!

Re:YaBB SE banned....
« Reply #17 on: May 21, 2003, 07:56:29 AM »
Reply with quote

Its such a shame that webb hosts relate YaBBSE to YaBB when infact SE has been completely recoded since its conception.

I am sure that most of this bad feeling that hosts have against YaBB will change once it gets a new name - like the up comming release Trinity :)

Would it not be a good idea once Trinity is about to be launched - to make a little noise in the media? sending a press release out to all the web host review sites and indeed all the web hosts themselves?

pointing out facts like :
Two years in the making - xxxxxx lines of code
Average server load with 100 members online .020!
Trinity - Coming to a server near you soon!

or maybe a little more humble like a polite Launch letter? :)

I am sure all the members here wouldnt mind helping build a list of web host email addresses ;) for both the customer service and the support teams.

I am not sure posting them on a thread would be a good idea - as it would take ages to rip it out into an email client - but if we had a form we could submit there details on it would be cool.

Maybe if you dont like the idea of that - as members of each host, we could announce it on the message boards of the hosts we belong to?

Or alternatively - if a standard letter was drawn up - we could print it off and manually post it to the host! that way its not really spamming.

Or maybe 1.6 should be renamed?

Also is having a list of security fixes on the home page a good idea? I know they show we are on top of things, but its also the first thing a host will see when checking out YaBBSE - they may assume that its normal to have so many security fixes? (and yes I know there are not many - but first impressions of someone who doesnt want yabb on there server may be quite negative if they see the home page  and the words another security fix!)

Just a thought.
Logged

To the world - you are just one person, but to one person you are the world!
Chris Cromer
The Strange One
Mod Team
YaBB God
*****
Posts: 3152


I am just a figment of your imagination.

WWW
Re:YaBB SE banned....
« Reply #18 on: May 21, 2003, 08:01:42 AM »
Reply with quote

QuoteWould it not be a good idea once Trinity is about to be launched
Trinity isn't that close to being released. :P
Logged

Chris Cromer

I am not suffering from insanity, I am enjoying every minute of it.
Coyote
YaBB God
*****
Posts: 702


I love YaBB SE!

Re:YaBB SE banned....
« Reply #19 on: May 21, 2003, 08:05:33 AM »
Reply with quote

I know  :P
Logged

To the world - you are just one person, but to one person you are the world!
chris
Guest
Re:YaBB SE banned....
« Reply #20 on: May 21, 2003, 08:08:06 AM »
Reply with quote

by the way... some of us are currently analyzing the YaBB SE code over and over again to make sure that there won't be any more holes... v1.5.3 is the first result of this effort...

We are currently working very hard to make sure that you're on the safe side when using YaBB SE ;D
Logged
Angel Skin
Full Member
***
Posts: 128


I'm a llama!

WWW
Re:YaBB SE banned....
« Reply #21 on: May 21, 2003, 08:42:07 AM »
Reply with quote

Quote from: Jeff on May 20, 2003, 06:08:24 PM
Or rochenhost  ::)

It's funny, YaBB has been around four years almost and you still get these lame comments like "Use phpBB, Invision or vB and you are guaranteed a professional long term bulletin board".

Just goes to show the knowledge of your host, I'd take my money elsewhere as they obviously have an alterior motive.

Look through any security site, all of those forums have the same security issues.

phpbb I found the most difficult, messy forum to use.
Logged
Chris Cromer
The Strange One
Mod Team
YaBB God
*****
Posts: 3152


I am just a figment of your imagination.

WWW
Re:YaBB SE banned....
« Reply #22 on: May 21, 2003, 08:47:12 AM »
Reply with quote

Actually, I know a few people that use it... infact they switched from YaBBSE to phpBB... they where having problems with speed... they should have waited for 1.5.x because it is very fast compared to the old version they where using.
Logged

Chris Cromer

I am not suffering from insanity, I am enjoying every minute of it.
I, Brian
Full Member
***
Posts: 238


It is coming...

WWW
Re:YaBB SE banned....
« Reply #23 on: May 21, 2003, 12:23:20 PM »
Reply with quote

I'm sure people from around here would drop the news of Trinity into other forums - especially topic specific ones. I'm a member of quite a few online communities, such as WebhsotingTalk and SitepointForums, which both have around 30,000 members in each. Forum-Forum.com is an interesting forums community that's expanding well and also worth commenting in. I'd be happy to drop in something about Trinity in any of these places. Assuming I've used it, liked it, that is. :)

Logged

A.M.A.
YaBB God
*****
Posts: 685


.:: :-) ::.

evolve_xp@hotmail.com WWW
Re:YaBB SE banned....
« Reply #24 on: May 21, 2003, 03:54:13 PM »
Reply with quote

Well I think [Unknown] SP 'YaBBSE 1.6.0' worth mentioning in the mean time, and it will be great if you do so.


cheer
Logged

rochen
Noobie
*
Posts: 1


I'm a llama!

Re:YaBB SE banned....
« Reply #25 on: May 21, 2003, 08:55:26 PM »
Reply with quote

Hello everyone,

Just to post a reply to this, as Jeff mentioned our name above.

I wanted to clear up exactly what our ban on SE is. We have not completely banned SE, only versions below 1.5.0 which don't contain the speedupboardmod (think that's the name, please correct me if I am wrong ;) ).

We didn't ban it because of security concerns, it was due to load related issues. I think we can safely say that issue was resolved with the release of 1.5.0 (I think), as we haven't noticed any such problem since - thus don't ban versions above 1.5.0.

As for the security, if there are security holes it wouldn't really matter providing the host has Apache configured correctly, the maximum impact is that the end user's account gets wiped out. From a hosts point of view, this isn't critical and I don't see this as a reason to ban the script.


Anyway, just wanted to clear up our position on this.

Have a good day all :)
Logged
Jeff Lewis
Global Moderator
YaBB God
*****
Posts: 10149


I'm a llama!

WWW
Re:YaBB SE banned....
« Reply #26 on: May 21, 2003, 11:29:23 PM »
Reply with quote

Quote from: rochen on May 21, 2003, 08:55:26 PM
I wanted to clear up exactly what our ban on SE is. We have not completely banned SE, only versions below 1.5.0 which don't contain the speedupboardmod (think that's the name, please correct me if I am wrong ;) ).

Thanks for clearing that up, and he is right, for those of you that are still using anything prior to 1.5.0 (and I always encourage using the most up to date version), you should be upgrading.

You'll gain a significant speed increase as well as plugging any holes that popped up.
Logged

David
Destroyer Dave
Global Moderator
YaBB God
*****
Posts: 5761


I'm not a llama!

WWW
Re:YaBB SE banned....
« Reply #27 on: May 22, 2003, 12:17:56 AM »
Reply with quote

And I have offered my services in this thread to get people upgraded.
http://www.yabbse.org/community/index.php?board=131;action=display;threadid=21435
Logged

Douglas
aka The Bear
Support Team
YaBB God
*****
Posts: 1050


Bears rule! Llamas rule too!

WWW
Re:YaBB SE banned....
« Reply #28 on: May 22, 2003, 01:41:26 AM »
Reply with quote

As have I, though I need to edit it a bit to put a few things into place (like not installing on free hosts, etc).
Logged

Need help? Please SEARCH first.  No need for a bad attitude, we like helping positive minded people.
ComeHit.us Short URL  redirection svcs with YSE powered forums, COMING SOON!
Want to say thanks?  Check out http://comehit.us/?u=3
old dan
Full Member
***
Posts: 191


Make music, not war.

WWW
Re:YaBB SE banned....
« Reply #29 on: May 22, 2003, 08:13:28 AM »
Reply with quote

Quote from: A.M.A. on May 21, 2003, 03:54:13 PM
Well I think [Unknown] SP 'YaBBSE 1.6.0' worth mentioning in the mean time, and it will be great if you do so.


cheer

I think tho you need to be careful when doing that. Many folks first thought when you say "the next version of whatever is going to be great" is what's wrong with the current version. I always say when asked that 1.5.3 is great and there will be a new improved version soon. And if I think they understand what it means I'll say 1.6


And Angel Skin, let me say amen. Invision board is not that far behind but phpbb sets new standards in obfuscation.
Logged

People who drink lite beer don't like the taste of beer; they just like to pee a lot
Pages: 1 [2] 3 4 Reply Ignore Print 
YaBB SE Community  |  General Category  |  Feedback  |  YaBB SE banned.... « previous - next »
 


Powered by MySQL Powered by PHP YaBB SE Community | Powered by YaBB SE
© 2001-2003, YaBB SE Dev Team. All Rights Reserved.
SMF 2.1.4 © 2023, Simple Machines
Valid XHTML 1.0! Valid CSS

Page created in 0.072 seconds with 20 queries.