Welcome, Guest. Please Login or Register.
November 22, 2024, 06:52:06 AM
Home Help Search Log in Register
News: If you are still using YaBB SE, please consider upgrading to SMF as soon as possible.

YaBB SE Community  |  YaBB SE Info  |  News From the YaBB SE Team  |  YaBB SE 1.5.5 Released! « previous next »
Pages: 1 ... 4 5 [6] 7 Reply Ignore Print
Author Topic: YaBB SE 1.5.5 Released!  (Read 352541 times)
marcnyc
Full Member
***
Posts: 137


I'm a llama!

Re:YaBB SE 1.5.5 Released!
« Reply #75 on: January 24, 2004, 02:50:04 AM »
Reply with quote

That was a typo... I meant that now I AM ABLE to chmod to 777 and I did before applying the mod but I got that error... What could this depend on? I really don't wanna have to do it manually, especially because I have several installations of YaBB SE...
Logged
[Unknown]
Global Moderator
YaBB God
*****
Posts: 7830


ICQ - 179721867unknownbrackets@hotmail.com WWW
Re:YaBB SE 1.5.5 Released!
« Reply #76 on: January 24, 2004, 04:42:26 PM »
Reply with quote

You need to at least temporarily chmod the /yabbse folder to 777 as well.

-[Unknown]
Logged
marcnyc
Full Member
***
Posts: 137


I'm a llama!

Re:YaBB SE 1.5.5 Released!
« Reply #77 on: January 25, 2004, 06:53:03 AM »
Reply with quote

Thank you. That was my problem.
Logged
revolver_ocelot200
Noobie
*
Posts: 2


I'm a llama!

Re:YaBB SE 1.5.5 Released!
« Reply #78 on: January 25, 2004, 03:31:51 PM »
Reply with quote

I thought http://www.supermod.org was the one continuing yabbse? and boy was I convinced! that wiziwyg(?) guy is really commited to supermod, it's my first time to visit that again and boy... It's really evolving ha?

What's new in the SSI fix this update has by the way?
Logged
[Unknown]
Global Moderator
YaBB God
*****
Posts: 7830


ICQ - 179721867unknownbrackets@hotmail.com WWW
Re:YaBB SE 1.5.5 Released!
« Reply #79 on: January 25, 2004, 09:13:06 PM »
Reply with quote

The supermod is by no means "continuing" YaBB SE.

I'm sorry but I'm not at liberty to spell out the problems with SSI.php :P.

-[Unknown]
Logged
David
Destroyer Dave
Global Moderator
YaBB God
*****
Posts: 5761


I'm not a llama!

WWW
Re:YaBB SE 1.5.5 Released!
« Reply #80 on: January 25, 2004, 11:51:55 PM »
Reply with quote

Quote from: revolver_ocelot200 on January 25, 2004, 03:31:51 PM
I thought http://www.supermod.org was the one continuing yabbse? and boy was I convinced! that wiziwyg(?) guy is really commited to supermod, it's my first time to visit that again and boy... It's really evolving ha?
Supermod is in no way affiliated with the YaBB SE project beyond them just choosing to use our software to base their system off of.
Logged

daddywolfe
Noobie
*
Posts: 14


Where's a llama!

Re:YaBB SE 1.5.5 Released!
« Reply #81 on: January 29, 2004, 09:55:51 AM »
Reply with quote

Any recommendations for making this update on a board running 1.5.4 with the supermod SM0817R5?

I have a couple of these board like that, although one seems to have some strange problems already.  Both are identical, but one is causing the server to hang and core dump due to an unclosed process that runs for up to 15 minutes.  Almost always it will show in the error log for the server that yabbse tried to load an active x update for mplayer off a ms update server that has been moved.  I want to update the security but I'm afraid with this one that my problem could get worse.  The board was moved to our most stable server and given enough space that it wouldn't cause core dumps as much, but it's still having this problem.
Logged
Peter Duggan
Llama Chameleon
Global Moderator
YaBB God
*****
Posts: 1793


You come and go...

WWW
Re:YaBB SE 1.5.5 Released!
« Reply #82 on: January 29, 2004, 05:18:32 PM »
Reply with quote

Quote from: daddywolfe on January 29, 2004, 09:55:51 AM
Any recommendations for making this update on a board running 1.5.4 with the supermod SM0817R5?

Please ask at supermod.org, where you might even find your question already answered:

http://www.supermod.org/community/index.php?board=3;action=display;threadid=1670;start=0
Logged

Yvette
Noobie
*
Posts: 35


Re:YaBB SE 1.5.5 Released!
« Reply #83 on: January 31, 2004, 11:23:41 AM »
Reply with quote

Even with this lastest fix, some of my users are still reporting that when they request a change of password, their email program rejects the message saying that it contains a virus ..(Outlook 'CR' Vulnerability).

Also, sometimes I get bounce backs from their mail servers:

Quote
Subject: WARNING YOU MAY HAVE A VIRUS
The virus software on ***.net has reported that you sent a virus with the subject "Account Information" to:
someone@***.net.  The E-mail containing the virus has been removed to prevent further damage.

[Outlook 'CR' Vulnerability] was found in file: [No attachment]

Was this upgrade supposed to fix this problem? I noticed the change to the sendmail function in Subs.pl. Is there anything else that I can try?

Yvette
Logged
Peter Duggan
Llama Chameleon
Global Moderator
YaBB God
*****
Posts: 1793


You come and go...

WWW
Re:YaBB SE 1.5.5 Released!
« Reply #84 on: January 31, 2004, 04:39:21 PM »
Reply with quote

Quote from: Yvette on January 31, 2004, 11:23:41 AM
Was this upgrade supposed to fix this problem?

Basically no, because it's not a known problem. In fact, I've just tested the 'forgot password?' function with a live 1.5.4 board (with SSI.php deleted) that hasn't been upgraded yet, and found no problem with the emails.

QuoteI noticed the change to the sendmail function in Subs.pl.

You mean Subs.php, as detailed in the changelog at http://sourceforge.net/project/shownotes.php?release_id=210608?

QuoteIs there anything else that I can try?

Are you absolutely certain that there's no problem with your server or nobody is spoofing your email address? A standard YaBB SE doesn't send out emails with the subject 'Account Information', you see...
Logged

daddywolfe
Noobie
*
Posts: 14


Where's a llama!

Re:YaBB SE 1.5.5 Released!
« Reply #85 on: January 31, 2004, 06:25:32 PM »
Reply with quote

He's right about the board not sending out anything like that.  Even the supermod doesn't do that.  We host several se 1.5.4 boards configured with sm 187, and we have never had anything like this.  Also, we run two se 1.5.5 boards, never seen it with those either, as well as one se 1.5.5 board with sm 204 (for testing) and haven't seen it with those.  The odds are somebody is spamming using your board's email address.
You can check with wiziwig at supermod, but my check of the original code doesn't indicate anything to cause this.
Is your board running on a IIS server?  I find it extremely hard to believe the idea that a unix server could be infected with a virus that would show up on a Windows system.  Also, what mods are you running in your board and where did you get them?
And did you modify the message the board sends the password in?  I know that some word patterns will trigger my spam blocker, even though it is legitimate email.
Just some things I would take a look at.
Logged
[Unknown]
Global Moderator
YaBB God
*****
Posts: 7830


ICQ - 179721867unknownbrackets@hotmail.com WWW
Re:YaBB SE 1.5.5 Released!
« Reply #86 on: February 01, 2004, 12:42:58 AM »
Reply with quote

It's not a virus, it's an exploit.  Outlook is detecting an exploit in the email....

YaBB SE doesn't even send HTML emails.  Supermod, however, does... but, still, that shouldn't contain any exploits...

-[Unknown]
Logged
Yvette
Noobie
*
Posts: 35


Re:YaBB SE 1.5.5 Released!
« Reply #87 on: February 02, 2004, 12:53:29 PM »
Reply with quote

Quote from: [Unknown] on February 01, 2004, 12:42:58 AM
It's not a virus, it's an exploit.  Outlook is detecting an exploit in the email....

YaBB SE doesn't even send HTML emails.  Supermod, however, does... but, still, that shouldn't contain any exploits...

-[Unknown]

Is there anyway that I can reformat the mail headers in Subs.pl so that this exploit isn't there?

Reply to daddywolfe & Peter:

Yes, I meant Subs.php, as detailed in the changelog at http://sourceforge.net/project/shownotes.php?release_id=210608?

Also, I have changed the subject line for forgotten passwords to be Account Information. Is that considered a security risk for anyone trying to monitor email packets or whatever on the Internet.. ?

I have other programs that send email out, such as the lastest version of formmail.php. I've never received bounce backs from email sent via these programs. I also used to run Majordomo on my server, and again, I never received bouncebacks. If I knew enough about mail headers, I would use the way formmail.php generates headers to modify Subs.php, but I don't have a way to test it, to verify that I fixed the problem.

I have 26,000+ members who signed up over the last couple of years, and this problem occurs with only some of them. If I had to guess, I'd say 2-3%.

This latest guy who had the problem wrote me to say that he was trying to get a new password, but his virus protection software kept reporting that I (YaBB Se) was sending him a virus. I received the boucebacks from his attempts. I then tried to modify a couple of headers, resent his password, and received the bouceback an instant later.

Rather than sending further "virus" emails, I manually changed his password in his profile and sent it to him via my regular email account, asking if I could use his account to test to see if I could come up with a fix.. but I haven't heard back. Who in their right mind would let a stranger send email to them when their email program says the email contains a virus?

I'm not using Supermod, and no mods that modify the sendmail function in Subs.pl. Yes, I modified the actual message in the password reminder slightly, but I think this problem occurs with a small perscentage of all email sent out via YaBB SE.. such as notifications.

I'd appreciate any futher suggestions.. here's some info I found about the vulnerability:

"Outlook 'CR' Vulnerability: This vulnerability occurs when an E-mail contains a single 'CR' character within the E-mail headers (as opposed to a 'CR' followed by an 'LF', which is used to end a line in SMTP). Outlook can treat this as the end of the headers, which would allow Outlook to see a virus that was embedded in the headers. There is no legitimate reason for an E-mail to contain a lone 'CR' in the headers." http://www.thecoaproject.com/bugreport.php

See also: http://www.securitytracker.com/alerts/2002/Feb/1003546.html

Sorry if this message should have been posted somewhere else. I was hoping the latest upgrade would include a fix for this.

Am I really the only one who has had this problem? I thought that maybe it was a matter of removing one of the instances of \r\n. What is LF?

Yvette
« Last Edit: February 02, 2004, 01:34:09 PM by Yvette » Logged
[Unknown]
Global Moderator
YaBB God
*****
Posts: 7830


ICQ - 179721867unknownbrackets@hotmail.com WWW
Re:YaBB SE 1.5.5 Released!
« Reply #88 on: February 02, 2004, 02:56:54 PM »
Reply with quote

Could be just that - I know I would delete any email I recieve with "Account Information" as the subject right off.

Again, it's not Subs.pl.  You're gonna start confusing people if you keep saying that :P.  It's Subs.php...

As far as the vulnerability you're talking about... sounds like your mail server sucks.  You're supposed to send \r\n to the server, and YaBB SE does - so your mail server is stripping it or something.  If that's the vulnerability... well, that shouldn't be YaBB SE either.

CR = \r, LF = \n.  They should always be in pairs. (CRLF aka \r\n)

-[Unknown]
Logged
QM
Noobie
*
Posts: 39


I'm a llama! (I'm not, but I like Llama's)

Re:YaBB SE 1.5.5 Released!
« Reply #89 on: February 05, 2004, 09:32:13 PM »
Reply with quote

Being a complete numpty, why do I receive an unable to access index.php when performing the 1.5.4 to 1.5.5 package update ::)
Logged
Pages: 1 ... 4 5 [6] 7 Reply Ignore Print 
YaBB SE Community  |  YaBB SE Info  |  News From the YaBB SE Team  |  YaBB SE 1.5.5 Released! « previous - next »
 


Powered by MySQL Powered by PHP YaBB SE Community | Powered by YaBB SE
© 2001-2003, YaBB SE Dev Team. All Rights Reserved.
SMF 2.1.4 © 2023, Simple Machines
Valid XHTML 1.0! Valid CSS

Page created in 0.050 seconds with 20 queries.