vBulletin 3.x and 4.x Redirect Security Exploit

  • Bacon Butty
    Senior Member
    • Jun 2005
    • 162

    #76
    Originally posted by djbaxter
    Well, I have no intention of moving to Xenforo but I have to agree that particular response from Steve seemed rather belligerent and unhelpful.
    Unfortunately - I wasn't surprised by it either. That's the disappointing thing.

    Even worse when you consider I've waited over a week without any official 'support' since first creating a thread - a thread Steve advised I created;

    http://www.vbulletin.com/forum/showthread.php/380708-Google-Re-Direct-clicks-to-my-forum-to-MyFileStore.com

    The fix doesn't work. It's evident - still no comment. Poor, poor, poor.


    • djbaxter
      Senior Member
      • Aug 2006
      • 1418
      • 4.2.5

      #77
      His post was hardly off-topic.
      Psychlinks Web Services Affordable Web Design & Site Management
      Specializing in Small Businesses and vBulletin/Xenforo Forums


      • Steve Machol
        Former Customer Support Manager
        • Jul 2000
        • 154488

        #78
        Originally posted by Bacon Butty
        Unfortunately - I wasn't surprised by it either. That's the disappointing thing.

        Even worse when you consider I've waited over a week without any official 'support' since first creating a thread - a thread Steve advised I created;

        http://www.vbulletin.com/forum/showthread.php/380708-Google-Re-Direct-clicks-to-my-forum-to-MyFileStore.com

        The fix doesn't work. It's evident - still no comment. Poor, poor, poor.
        From: http://www.vbulletin.com/forum/showt...=1#post2166556
        Originally posted by Bacon Butty
        Thanks all. Resolved. Was never config as that file was never amended.

        Download PHP Editor and that detected the odd code that a save with notepad seemed to insert.

        With the 'Patch' though (and YUI amend in admincp), a search for my forum in Google is still directing elsewhere.
        Resolved or not? Your message is not clear. If you still have an issue and do not have any add-on installed, then fill out a support ticket at:



        Please include a complete description of the problem and be sure to include the login info to your Admin CP, phpMyAdmin and FTP in the 'Sensitive Data' field.
        Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
        Change CKEditor Colors to Match Style (for 4.1.4 and above)

        Steve Machol Photography


        Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.



        • Steve Machol
          Former Customer Support Manager
          • Jul 2000
          • 154488

          #79
          Originally posted by djbaxter
          His post was hardly off-topic.
          No one said it was off-topic. Please read what I wrote.



          • Bacon Butty
            Senior Member
            • Jun 2005
            • 162

            #80
            Originally posted by Steve Machol
            From: http://www.vbulletin.com/forum/showt...=1#post2166556

            Resolved or not? Your message is not clear. If you still have an issue and do not have any add-on installed, then fill out a support ticket at:



            Please include a complete description of the problem and be sure to include the login info to your Admin CP, phpMyAdmin and FTP in the 'Sensitive Data' field.
            Don't understand why my comment deserved a "start your own thread" (which I already had two...), when so many others are debating the same issue and not receiving a snidey comment?

            And besides - if I'm ill-educated, shouldn't your response have been made in "my thread"?

            And I'm pretty sure the last line of the last post in my support thread is pretty straightforward;

            With the 'Patch' though (and YUI amend in admincp), a search for my forum in Google is still directing elsewhere...
            But I will submit a support ticket, thanks - but my faith in vBulletin is absolutely shot and I'd be reluctant to hand over that sensitive information.

            Still at loss towards the "no comment" stance to the "Your fix doesn't work....". www.grandoldteam.com/forum . View source - amends made - google the forum - directed elsewhere.


            • Steve Machol
              Former Customer Support Manager
              • Jul 2000
              • 154488

              #81
              Originally posted by Bacon Butty
              Don't understand why my comment deserved a "start your own thread" (which I already had two...), when so many others are debating the same issue and not receiving a snidey comment?

              And besides - if I'm ill-educated, shouldn't your response have been made in "my thread"?

              And I'm pretty sure the last line of the last post in my support thread is pretty straightforward;



              But I will submit a support ticket, thanks - but my faith in vBulletin is absolutely shot and I'd be reluctant to hand over that sensitive information.

              Still at loss towards the "no comment" stance to the "Your fix doesn't work....". www.grandoldteam.com/forum . View source - amends made - google the forum - directed elsewhere.
              Sorry you felt it was 'snide'. That was certainly not my intention.

              Also I was not aware you already had two other threads on this same issue when I posted that. I was merely trying to make sure your issue got the attention it deserved. Unfortunately, try as I might, I am simply not all-knowing. All I can do is try my best.



              • Bacon Butty
                Senior Member
                • Jun 2005
                • 162

                #82
                Originally posted by Steve Machol
                Sorry you felt it was 'snide'. That was certainly not my intention.

                Also I was not aware you already had two other threads on this same issue when I posted that. I was merely trying to make sure your issue got the attention it deserved. Unfortunately, try as I might, I am simply not all-knowing. All I can do is try my best.
                And after all these shenanigans - I'm still none the wiser. Not one comment has been made here, or in either of my two threads, offering advice as to why the fix itself isn't fixing the problem? I'm genuinely baffled - sure, I've lodged a support ticket - but it's as though vBulletin are scared to make any sort of comment in public?

                Either way. A week on, I'll continue pressing F5 on my thread as the vast majority of my forum's traffic is directed elsewhere. I'll excuse myself now. Sorry to the OP for sabotaging your thread - a member made a post which I was hoping could be elaborated on to the assistance of myself and possibly others. Silly me.


                • Zachery
                  Former vBulletin Support
                  • Jul 2002
                  • 59097

                  #83
                  Your exploit has nothing to do with our patch.

                  You have a support ticket open with me and I've replied asking for more information. We updated YUI as a precaution to a potential issue, instead of waiting to let it get exploited and fixing it then.

                  The sooner you respond to the ticket with the information requested the sooner we can look at the issue.
                  Last edited by Zachery; Fri 3 Jun '11, 11:31am.


                  • ampersand
                    Senior Member
                    • Mar 2005
                    • 308
                    • 4.0.0

                    #84
                    So how can I fix this ?


                    • Ramsesx
                      Senior Member
                      • Aug 2005
                      • 3254
                      • 3.8.x

                      #85
                      Originally posted by Bacon Butty

                      Either way. A week on, I'll continue pressing F5 on my thread as the vast majority of my forum's traffic is directed elsewhere.
                      Next time press the "support ticket" button first...
                      .......


                      • Paul M
                        Former Lead Developer
                        vB.Com & vB.Org
                        • Sep 2004
                        • 9886

                        #86
                        Originally posted by ampersand
                        So how can I fix this ?
                        Fix what, exactly ?
                        Baby, I was born this way


                        • dizzynation
                          Senior Member
                          • Jun 2011
                          • 354
                          • 4.2.X

                          #87
                          Originally posted by Paul M
                          Fix what, exactly ?
                          same problem here
                          www.filmmakerforum.org
                          www.digidistribution.com


                          • Zachery
                            Former vBulletin Support
                            • Jul 2002
                            • 59097

                            #88
                            Anyone having an issue with their Google traffic being referred to another site, open a support ticket.


                            • djbaxter
                              Senior Member
                              • Aug 2006
                              • 1418
                              • 4.2.5

                              #89
                              For those who are still having issues with the Google redirects, another suggestion from a vBSEO thread (it doesn't involve vBSEO itself, so it's relevant to forums not running vBSEO):

                              See http://www.vbseo.com/f77/google-redi...tml#post309843

                              Create this .htaccess file for all writable vBulletin subdirectories (e.g., uploadable images):

                              Code:
                              <Files ~ "\.(php\d*|cgi|pl|phtml)$">
                              order allow,deny
                              deny from all
                              </Files>
                              Alternate suggested version:

                              Code:
                              RedirectMatch 404 .*php\.
                              What this does is prevent the execution of a PHP file disguised as an image file.

                              Note: Do NOT use this in your root or in directories containing needed executables.

                              Depending on your version of vBulletin and how you have it configured, the following subdirectories may need this protection:
                              • customavatars
                              • signaturepics
                              • customprofilepics
                              • attachments

                              Make sure that all other vBulletin directories are write protected (755 or 644).

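An added example, not code from this thread or from vBulletin: a Python audit of the four upload directories named in the post above. It flags the files the two .htaccess rules are meant to neutralise (an executable extension matching the `<Files>` pattern, a `php.` double extension matching the `RedirectMatch` pattern, or PHP markers inside a file that claims to be an image), reports which of those directories carry neither rule, and lists any other directory under the forum root that is group- or world-writable. Everything in `build_demo_tree` is constructed sample data, and the byte markers in `PHP_MARKERS` are an assumption for illustration, not a complete web-shell signature set.

```python
"""Audit a vBulletin root for PHP planted in upload directories (added example)."""
import os
import re
import stat
import tempfile
from pathlib import Path

# Same extension list as the <Files ~ "..."> rule in the post.
EXEC_EXT = re.compile(r"\.(php\d*|cgi|pl|phtml)$", re.IGNORECASE)
# Same idea as "RedirectMatch 404 .*php\." : catches shell.php.jpg style names.
PHP_DOT = re.compile(r"php\.", re.IGNORECASE)
# Assumed byte markers of PHP source hiding inside an "image"; extend as needed.
PHP_MARKERS = (b"<?php", b"<?=", b"base64_decode(")
# Directories the post says the web server must be able to write to.
UPLOAD_DIRS = ("customavatars", "signaturepics", "customprofilepics", "attachments")


def looks_like_php(path, limit=1024 * 1024):
    """True if the first `limit` bytes of the file contain a PHP marker."""
    with open(path, "rb") as fh:
        data = fh.read(limit)
    return any(marker in data for marker in PHP_MARKERS)


def htaccess_blocks_php(directory):
    """True if directory/.htaccess carries one of the two rules from the post."""
    ht = Path(directory) / ".htaccess"
    if not ht.is_file():
        return False
    text = ht.read_text(errors="replace").lower()
    return "deny from all" in text or "redirectmatch 404" in text


def audit_vbulletin_root(root):
    """Return suspicious files, unprotected upload dirs and writable non-upload dirs."""
    root = Path(root)
    findings, unprotected, writable = [], [], []
    for name in UPLOAD_DIRS:
        d = root / name
        if not d.is_dir():
            continue
        if not htaccess_blocks_php(d):
            unprotected.append(name)
        for p in d.rglob("*"):
            if not p.is_file() or p.name == ".htaccess":
                continue
            rel = p.relative_to(root).as_posix()
            if EXEC_EXT.search(p.name):
                findings.append((rel, "executable extension"))
            elif PHP_DOT.search(p.name):
                findings.append((rel, "double extension (php.)"))
            elif looks_like_php(p):
                findings.append((rel, "php code inside non-php file"))
    # Everything outside the upload dirs should be 755/644: no group/world write bit.
    for p in root.rglob("*"):
        if p.is_dir() and p.relative_to(root).parts[0] not in UPLOAD_DIRS:
            if p.stat().st_mode & (stat.S_IWGRP | stat.S_IWOTH):
                writable.append(p.relative_to(root).as_posix())
    return {"findings": sorted(findings),
            "unprotected": sorted(unprotected),
            "writable": sorted(writable)}


def build_demo_tree():
    """Constructed sample forum root; nothing here comes from a real site."""
    root = Path(tempfile.mkdtemp(prefix="vb_demo_"))
    for name in UPLOAD_DIRS:
        (root / name).mkdir()
    (root / "includes").mkdir()
    os.chmod(root / "includes", 0o777)  # the loose permission the post warns about
    (root / "customavatars" / ".htaccess").write_text(
        '<Files ~ "\\.(php\\d*|cgi|pl|phtml)$">\norder allow,deny\ndeny from all\n</Files>\n')
    (root / "customavatars" / "avatar1.gif").write_bytes(b"GIF89a" + b"\x00" * 32)
    (root / "customavatars" / "shell.php").write_bytes(b"<?php system($_GET['c']); ?>")
    (root / "attachments" / "pic.php.jpg").write_bytes(b"\xff\xd8\xff\xe0" + b"\x00" * 16)
    (root / "signaturepics" / "sig.jpg").write_bytes(
        b"GIF89a<?php eval(base64_decode($_POST['x'])); ?>")
    return str(root)


if __name__ == "__main__":
    demo = build_demo_tree()
    for key, value in audit_vbulletin_root(demo).items():
        print(key, value)
```

Point it at a real forum with `audit_vbulletin_root('/path/to/forum')`. The .htaccess rules only stop Apache from executing a planted file; they do not remove it, so anything listed under `findings` still has to be deleted and the upload path that let it in has to be explained.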

                              • Ramsesx
                                Senior Member
                                • Aug 2005
                                • 3254
                                • 3.8.x

                                #90
                                Originally posted by djbaxter
                                What this does is prevent the execution of a PHP file disguised as an image file.

                                Note: Do NOT use this in your root or in directories containing needed executables.

                                Depending on your version of vBulletin and how you have it configured, the following subdirectories may need this protection:
                                • customavatars
                                • signaturepics
                                • customprofilepics
                                • attachments

                                Make sure that all other vBulletin directories are write protected (755 or 644).
                                Interesting, is this a new security exploit? Could someone from staff confirm this?

