vBulletin 3.x and 4.x Redirect Security Exploit

This topic is closed.
  • #76
    Originally posted by djbaxter View Post
    Well, I have no intention of moving to Xenforo but I have to agree that particular response from Steve seemed rather belligerent and unhelpful.
    Unfortunately - I wasn't surprised by it either. That's the disappointing thing.

    Even worse when you consider I've waited over a week without any official 'support' since first creating a thread - a thread Steve advised I created;

    http://www.vbulletin.com/forum/showthread.php/380708-Google-Re-Direct-clicks-to-my-forum-to-MyFileStore.com

    The fix doesn't work. It's evident - still no comment. Poor, poor, poor.

    Comment


    • #77
      His post was hardly off-topic.
      Psychlinks Mental Health Support Forum
      Local Search Forum

      Comment


      • #78
        Originally posted by Bacon Butty View Post
        Unfortunately - I wasn't surprised by it either. That's the disappointing thing.

        Even worse when you consider I've waited over a week without any official 'support' since first creating a thread - a thread Steve advised I created;

        http://www.vbulletin.com/forum/showthread.php/380708-Google-Re-Direct-clicks-to-my-forum-to-MyFileStore.com

        The fix doesn't work. It's evident - still no comment. Poor, poor, poor.
        From: http://www.vbulletin.com/forum/showt...=1#post2166556
        Originally posted by Bacon Butty View Post
        Thanks all. Resolved. Was never config as that file was never amended.

        Download PHP Editor and that detected the odd code that a save with notepad seemed to insert.

        With the 'Patch' though (and YUI amend in admincp), a search for my forum in Google is still directing elsewhere.
        Resolved or not? Your message is not clear. If you still have an issue and do not have any add-on installed, then fill out a support ticket at:

        http://members.vbulletin.com/members...ontactform.php

        Please include a complete description of the problem and be sure to include the login info to your Admin CP, phpMyAdmin and FTP in the 'Sensitive Data' field.
        Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
        Change CKEditor Colors to Match Style (for 4.1.4 and above)

        Steve Machol Photography


        Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


        Comment


        • #79
          Originally posted by djbaxter View Post
          His post was hardly off-topic.
          No one said it was off-topic. Please read what I wrote.
          Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
          Change CKEditor Colors to Match Style (for 4.1.4 and above)

          Steve Machol Photography


          Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


          Comment


          • #80
            Originally posted by Steve Machol View Post
            From: http://www.vbulletin.com/forum/showt...=1#post2166556

            Resolved or not? Your message is not clear. If you still have an issue and do not have any add-on installed, then fill out a support ticket at:

            http://members.vbulletin.com/members...ontactform.php

            Please include a complete description of the problem and be sure to include the login info to your Admin CP, phpMyAdmin and FTP in the 'Sensitive Data' field.
            Don't understand why my comment deserved a "start your own thread" (which I already had two...), when so many others are debating the same issue and not receiving a snidey comment?

            And besides - if I'm ill-educated, shouldn't your response have been made in "my thread"?

            And I'm pretty sure the last line of the last post in my support thread is pretty straightforward;

            With the 'Patch' though (and YUI amend in admincp), a search for my forum in Google is still directing elsewhere...
            But I will support a ticket thanks - but my faith in vBulletin is absolutely shot and I'd be reluctant to hand over that sensitive information.

            Still at loss towards the "no comment" stance to the "Your fix doesn't work....". www.grandoldteam.com/forum . View source - amends made - google the forum - directed elsewhere.

            Comment


            • #81
              Originally posted by Bacon Butty View Post
              Don't understand why my comment deserved a "start your own thread" (which I already had two...), when so many others are debating the same issue and not receiving a snidey comment?

              And besides - if I'm ill-educated, shouldn't your response have been made in "my thread"?

              And I'm pretty sure the last line of the last post in my support thread is pretty straightforward;



              But I will support a ticket thanks - but my faith in vBulletin is absolutely shot and I'd be reluctant to hand over that sensitive information.

              Still at loss towards the "no comment" stance to the "Your fix doesn't work....". www.grandoldteam.com/forum . View source - amends made - google the forum - directed elsewhere.
              Sorry you felt it was 'snide'. That was certainly not my intention.

              Also I was not aware you already had two other threads on this same issue when I posted that. I was merely trying to make sure your issue got the attention it deserved. Unfortunately try as I might, I am simply not all-knowing. All I can do is try my best.
              Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
              Change CKEditor Colors to Match Style (for 4.1.4 and above)

              Steve Machol Photography


              Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


              Comment


              • #82
                Originally posted by Steve Machol View Post
                Sorry you felt it was 'snide'. That was certainly not my intention.

                Also I was not aware you already had two other threads on this same issue when I posted that. I was merely trying to make sure your issue got the attention it deserved. Unfortunately try as I might, I am simply not all-knowing. All I can do is try my best.
                And after all these shenanigans - I'm still none the wiser. Not one comment has been made here, or in either of my two threads, offering advice as to why the fix itself isn't fixing the problem? I'm genuinely baffled - sure, I've lodged a support ticket - but it's as though vBulletin are scared to make any sort of comment in public?

                Either way. A week on, I'll continue pressing F5 on my thread as the vast majority of my forum's traffic is directed elsewhere. I'll excuse myself now. Sorry to the OP for sabotaging your thread - a member made a post of which I was hoping could be elaborated to the assistance of myself and possibly others. Silly me.

                Comment


                • #83
                  Your exploit has nothing to do with our patch.

                  You have a support ticket open with me and I've replied asking for more information. We updated YUI as a precaution to a potential issue, instead of waiting to let it get exploited and fixing it then.

                  The sooner you respond to the ticket with the information requested the sooner we can look at the issue.
                  Last edited by Zachery; Fri 3rd Jun '11, 11:31am.

                  Comment


                  • #84
                    So how can I fix this ?

                    Comment


                    • #85
                      Originally posted by Bacon Butty View Post

                      Either way. A week on, I'll continue pressing F5 on my thread as the vast majority of my forum's traffic is directed elsewhere.
                      Next time press the "support ticket" button first...
                      .......

                      Comment


                      • #86
                        Originally posted by ampersand View Post
                        So how can I fix this ?
                        Fix what, exactly ?
                        Baby, I was born this way

                        Comment


                        • #87
                          Originally posted by Paul M View Post
                          Fix what, exactly ?
                          same problem here
                          www.filmmakerforum.org
                          www.digidistribution.com

                          Comment


                          • #88
                            Anyone having an issue with their Google traffic being referred to another site, open a support ticket.

                            Comment


                            • #89
                              For those who are still having issues with the Google redirects, another suggestion from a vBSEO thread (it doesn't involve vBSEO itself so it's relevant to forums not running vBSEO):

                              See http://www.vbseo.com/f77/google-redi...tml#post309843

                              Create this .htaccess file for all writeable vBulletin subdirectories (e.g., uploadable images):

                              Code:
                              <Files ~ "\.(php\d*|cgi|pl|phtml)$">
                              order allow,deny
                              deny from all
                              </Files>
                              Alternate suggested version:

                              Code:
                              RedirectMatch 404 .*php\.
                              What this does is prevent the execution of a PHP file disguised as an image file.

                              Note: Do NOT use this in your root or in directories containing needed executables.

                              Depending on your version of vBulletin and how you have it configured, the following subdirectories may need this protection:
                              • customavatars
                              • signaturepics
                              • customprofilepics
                              • attachments

                              Make sure that all other vBulletin directories are write protected (755 or 644).
                              Psychlinks Mental Health Support Forum
                              Local Search Forum

                              Comment
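An added example, not part of the original thread or any poster's code: a shell audit of the upload directories named in post #89, reporting files that the two suggested `.htaccess` rules are meant to stop, plus image-named files that contain a PHP open tag. The function name `audit_forum`, the finding labels, and the image extension list are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example: audit writable vBulletin upload directories for script
# files hiding among images. Directory names come from post #89; the
# function name, finding labels and image extensions are assumptions.

UPLOAD_DIRS="customavatars signaturepics customprofilepics attachments"

# Prints one finding per line as "<KIND> <path>":
#   NO_HTACCESS   directory has no .htaccess file at all
#   SCRIPT_NAME   name ends in an extension the <Files> rule blocks, or
#                 contains "php." (what the RedirectMatch variant matches)
#   PHP_IN_IMAGE  image-named file whose content contains "<?php"
audit_forum() {
    root=$1
    for d in $UPLOAD_DIRS; do
        dir="$root/$d"
        [ -d "$dir" ] || continue
        [ -f "$dir/.htaccess" ] || echo "NO_HTACCESS $dir"
        find "$dir" -type f ! -name .htaccess | while IFS= read -r f; do
            name=$(basename "$f")
            # -i: audit case-insensitively, stricter than the posted rules
            if printf '%s\n' "$name" |
                grep -Eiq '\.(php[0-9]*|cgi|pl|phtml)$|php\.'; then
                echo "SCRIPT_NAME $f"
            elif printf '%s\n' "$name" | grep -Eiq '\.(gif|jpe?g|png)$' &&
                grep -aqF '<?php' "$f"; then
                echo "PHP_IN_IMAGE $f"
            fi
        done
    done
}

# Stand-alone use: sh audit.sh /path/to/forum
if [ "$#" -gt 0 ]; then
    audit_forum "$1"
fi
```

Any finding other than `NO_HTACCESS` points at a file that should be inspected and removed, not just blocked by the web server.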


                              • #90
                                Originally posted by djbaxter View Post
                                What this does is prevent the execution of a PHP file disguised as an image file.

                                Note: Do NOT use this in your root or in directories containing needed executables.

                                Depending on your version of vBulletin and how you have it configured, the following subdirectories may need this protection:
                                • customavatars
                                • signaturepics
                                • customprofilepics
                                • attachments

                                Make sure that all other vBulletin directories are write protected (755 or 644).
                                Interesting, is this a new security exploit? Could someone from staff confirm this?
                                .......

                                Comment
