Welcome, Guest. Please Login or Register.
November 23, 2024, 08:45:48 AM
Home Help Search Log in Register
News: SMF is the next generation in forum software, almost completely re-written from the ground up, make sure you don't fall for cheap imitations that suffer from feature bloat!

YaBB SE Community  |  YaBB SE Info  |  News From the YaBB SE Team  |  SECURITY FIX! Users using any version prior to 1.5.1 « previous next »
Pages: 1 ... 5 6 [7] 8 9 ... 12 Reply Ignore Print
Author Topic: SECURITY FIX! Users using any version prior to 1.5.1  (Read 99652 times)
Reverend Spalding
Noobie
*
Posts: 6


Christians need not defend their position

Re:The Boys from Brazil
« Reply #90 on: February 03, 2003, 03:21:38 PM »
Reply with quote

Looking around at the Nuke community and they too have been hacked by a group of hackers in brazil. Looking for NeoNazis? I thought all of the NeoNazis migrated to Brazil? There's a good discussion on http://www.computercops.biz/ and one guy just decided to update his .htaccess file to deny all of Brazil. I like that idea, because it appears from the thread that the offenders have the cooperation of their hosting IP.
Logged
Overseer
Sr. Member
****
Posts: 455


Re:The Boys from Brazil
« Reply #91 on: February 03, 2003, 03:39:11 PM »
Reply with quote

Quote from: Reverend Spalding on February 03, 2003, 03:21:38 PM
Looking around at the Nuke community and they too have been hacked by a group of hackers in brazil. Looking for NeoNazis? I thought all of the NeoNazis migrated to Brazil? There's a good discussion on http://www.computercops.biz/ and one guy just decided to update his .htaccess file to deny all of Brazil. I like that idea, because it appears from the thread that the offenders have the cooperation of their hosting IP.

damn.. i never knew that was possible. anyone have a reference they can point me to on this? i have an ex-member i'd like to stop browsing the board full-stop.
Logged

I learned that from the G's, a G is an Overseer, the Overseer sees.
More than you do 'cause he gets experienced - Snoop on Daz's OG

Supreme exalted, universal leader, Descendent of the kings and queens, the Overseer
The overlord, cream of the crop, creme de la creme - Gang Starr  Royalty
kkozma
Noobie
*
Posts: 39


Peanut Butter Jelly!!

Re:SECURITY FIX! Users using any version prior to 1.5.1
« Reply #92 on: February 03, 2003, 03:47:23 PM »
Reply with quote

Just thought I'd chime in once more to tell people how serious this is.  I have two SE installations and they both got hit.  Some joker uploaded a friggin porno gallery inside both yabbse directories using the exploit.  Not cool, especially since both sites deal with volkswagens.  

What made it exceeding difficult is for what ever mind numbingly STUPID reason, my ISP has chown disabled, so I couldn't even take ownership of the files to delete them... >:(
Logged
Omar Bazavilvazo
YaBB SE Developer
YaBB God
*****
Posts: 2153


I never said I would stay to the end...

WWW
Re:SECURITY FIX! Users using any version prior to 1.5.1
« Reply #93 on: February 03, 2003, 04:17:36 PM »
Reply with quote

Let's hope ppl now applies the patch, and not like the last announcement...
Logged

Greetings from México!
http://omarbazavilvazo.com
Mi foro Español-Japonés
http://hablajapones.org
http://hablajapones.org/index.php/japones/tutoriales/b16.php

NO me manden IM para soporte o dudas
...Leo los foros como todos...
Omar Bazavilvazo
YaBB SE Developer
YaBB God
*****
Posts: 2153


I never said I would stay to the end...

WWW
Re:SECURITY FIX! Users using any version prior to 1.5.1
« Reply #94 on: February 03, 2003, 04:18:00 PM »
Reply with quote

Let's hope ppl now applies the patch...
Logged

Greetings from México!
http://omarbazavilvazo.com
Mi foro Español-Japonés
http://hablajapones.org
http://hablajapones.org/index.php/japones/tutoriales/b16.php

NO me manden IM para soporte o dudas
...Leo los foros como todos...
Taras
Noobie
*
Posts: 4


I'm a llama!

Re:SECURITY FIX! Users using any version prior to 1.5.1
« Reply #95 on: February 03, 2003, 06:13:09 PM »
Reply with quote

Jeff as  Agelmar, said can all future security alerts show up on the admin centre :)

Logged
Omar Bazavilvazo
YaBB SE Developer
YaBB God
*****
Posts: 2153


I never said I would stay to the end...

WWW
Re:SECURITY FIX! Users using any version prior to 1.5.1
« Reply #96 on: February 03, 2003, 06:20:59 PM »
Reply with quote

Quote from: Taras on February 03, 2003, 06:13:09 PM
Jeff as  Agelmar, said can all future security alerts show up on the admin centre :)



that would be cool to do, also
Logged

Greetings from México!
http://omarbazavilvazo.com
Mi foro Español-Japonés
http://hablajapones.org
http://hablajapones.org/index.php/japones/tutoriales/b16.php

NO me manden IM para soporte o dudas
...Leo los foros como todos...
Jeff Lewis
Global Moderator
YaBB God
*****
Posts: 10149


I'm a llama!

WWW
Re:SECURITY FIX! Users using any version prior to 1.5.1
« Reply #97 on: February 03, 2003, 09:07:18 PM »
Reply with quote

I'm working on a way to notify people yes, a neat little feature if you will :)
Logged

Agelmar
YaBB God
*****
Posts: 931


Takako Matsu = Goddess

Re:SECURITY FIX! Users using any version prior to 1.5.1
« Reply #98 on: February 03, 2003, 11:02:46 PM »
Reply with quote

That's all well and nice, but perhaps until that is complete you could add it to the .xml file? :-)
Logged

Agelmar
YaBB God
*****
Posts: 931


Takako Matsu = Goddess

Re:SECURITY FIX! Users using any version prior to 1.5.1
« Reply #99 on: February 03, 2003, 11:06:11 PM »
Reply with quote

Hmm, that's really odd. While posting the previous message, I got the following.

Unknown column 'memberName' in 'where clause'

Is someone working on either the db or sourcecode live, or do you have a more serious problem going on?
Logged

Agelmar
YaBB God
*****
Posts: 931


Takako Matsu = Goddess

Re:SECURITY FIX! Users using any version prior to 1.5.1
« Reply #100 on: February 03, 2003, 11:07:34 PM »
Reply with quote

Same thing again - it posts the message, but somewhere in action=post2 it's crapping out, saying "Unknown column 'memberName' in 'where clause'". It posts it, but this is most disconcerting.
Logged

Killer Possum
Sr. Member
****
Posts: 446


turboz3@msn.com WWW
Re:SECURITY FIX! Users using any version prior to 1.5.1
« Reply #101 on: February 03, 2003, 11:09:32 PM »
Reply with quote

I'm not having any problems on my side 8)
Logged
Killer Possum
Sr. Member
****
Posts: 446


turboz3@msn.com WWW
Re:SECURITY FIX! Users using any version prior to 1.5.1
« Reply #102 on: February 03, 2003, 11:11:18 PM »
Reply with quote

Nevermind  :-\ just got it:

Unknown column 'memberName' in 'where clause'

hmmm....
Logged
Jeff Lewis
Global Moderator
YaBB God
*****
Posts: 10149


I'm a llama!

WWW
Re:SECURITY FIX! Users using any version prior to 1.5.1
« Reply #103 on: February 03, 2003, 11:31:14 PM »
Reply with quote

I'll try to hunt it down guy, I looked earlier but had no luck.
Logged

Doomfalcon
Noobie
*
Posts: 7


I'm a llama!

Re:SECURITY FIX! Users using any version prior to 1.5.1
« Reply #104 on: February 03, 2003, 11:46:43 PM »
Reply with quote

I normally don't pay attention to announcements, but this 9-in-a-row thingy really got my attention - thanks for the info guys.
Logged
Pages: 1 ... 5 6 [7] 8 9 ... 12 Reply Ignore Print 
YaBB SE Community  |  YaBB SE Info  |  News From the YaBB SE Team  |  SECURITY FIX! Users using any version prior to 1.5.1 « previous - next »
 


Powered by MySQL Powered by PHP YaBB SE Community | Powered by YaBB SE
© 2001-2003, YaBB SE Dev Team. All Rights Reserved.
SMF 2.1.4 © 2023, Simple Machines
Valid XHTML 1.0! Valid CSS

Page created in 0.026 seconds with 20 queries.