Avatar with a virus on vB.org

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • beishe8
    Senior Member
    • Oct 2005
    • 6782
    • 4.2.X

    Avatar with a virus on vB.org

    I cannot login to vB.org because there is some security risk.
    (Some avatar is misbehaving)

    Please let them know about the security risk.
    Attached Files


    vB5 is unequivocally the best forum software, but not yet...
  • IBxAnders
    Senior Member
    • Aug 2001
    • 1172
    • 4.0.x

    #2
    This is the file in question - it should be harmless.

    anders | vbulletin team | check out the new vbulletin facebook app
    Proudly vBulletin'ing since 2001
    Please be my friend!
    http://www.twitter.com/inetskunkworks
    vBulletin Performance Articles:
    Click here to read

    Comment

    • Lynne
      Former vBulletin Support
      • Oct 2004
      • 26255

      #3
      I've removed the avatar.

      Please don't PM or VM me for support - I only help out in the threads.
      vBulletin Manual & vBulletin 4.0 Code Documentation (API)
      Want help modifying your vbulletin forum? Head on over to vbulletin.org
      If I post CSS and you don't know where it goes, throw it into the additional.css template.

      W3Schools <- awesome site for html/css help

      Comment

      • beishe8
        Senior Member
        • Oct 2005
        • 6782
        • 4.2.X

        #4
        Thanks for the prompt action.
        It will take time for Norton to remove the warning from the site.


        vB5 is unequivocally the best forum software, but not yet...

        Comment

        • Dean C
          Senior Member
          • Mar 2002
          • 4571
          • 3.5.x

          #5
          Originally posted by Lynne
          I've removed the avatar.
          So the avatar was actually a virus?
          Dean Clatworthy - Web Developer/Designer

          Comment

          • Lynne
            Former vBulletin Support
            • Oct 2004
            • 26255

            #6
            Originally posted by Dean C
            So the avatar was actually a virus?
            I could see nothing on my Mac. However, that avatar was reported before for the same thing.

            Please don't PM or VM me for support - I only help out in the threads.
            vBulletin Manual & vBulletin 4.0 Code Documentation (API)
            Want help modifying your vbulletin forum? Head on over to vbulletin.org
            If I post CSS and you don't know where it goes, throw it into the additional.css template.

            W3Schools <- awesome site for html/css help

            Comment

            • Carnage-
              Senior Member
              • Jan 2005
              • 758
              • 3.8.x

              #7
              What was the avatar?

              If it was just some innocent users avatar, perhaps it hsould be submitted to norton as a false positive...
              Some of my Mods:
              Advanced IP Ban Manager (vb3.6+ version) - Fine grained control over blocking trouble makers.
              Advanced IP Ban Manager (vb4 version) - Fine grained control over blocking trouble makers.
              Use Original thread for Comments - Uses the original thread for comments for any forum threads promoted to CMS articles.
              Custom Friendly Urls - Allows customisation of forum urls from the admin CP.

              Comment

              • Coherentism
                New Member
                • Aug 2009
                • 22

                #8
                gif images or animations cannot contain viruses.

                Comment

                • Carnage-
                  Senior Member
                  • Jan 2005
                  • 758
                  • 3.8.x

                  #9
                  Not strictly true. It could be an exe renamed as a gif. However i doubt this is the case.
                  Some of my Mods:
                  Advanced IP Ban Manager (vb3.6+ version) - Fine grained control over blocking trouble makers.
                  Advanced IP Ban Manager (vb4 version) - Fine grained control over blocking trouble makers.
                  Use Original thread for Comments - Uses the original thread for comments for any forum threads promoted to CMS articles.
                  Custom Friendly Urls - Allows customisation of forum urls from the admin CP.

                  Comment

                  • beishe8
                    Senior Member
                    • Oct 2005
                    • 6782
                    • 4.2.X

                    #10
                    Originally posted by Coherentism
                    gif images or animations cannot contain viruses.
                    Even .jpg files can contain infections.
                    The hole has been patched,they are not dangerous anymore with a relatively new system.


                    vB5 is unequivocally the best forum software, but not yet...

                    Comment

                    • Marco van Herwaarden
                      Senior Member
                      • Nov 2004
                      • 6999
                      • 3.8.x

                      #11
                      The file actually did show some JavaScript code and an iframe when viewed with notepad. I doubt however if this would have been executed by any browser, but it has now been removed as precaution.
                      Want to take your board beyond the standard vBulletin features?
                      Visit the official Member to Member support site for vBulletin Modifications: www.vbulletin.org

                      Comment

                      • crichighlights
                        Senior Member
                        • Feb 2009
                        • 276
                        • 3.8.x

                        #12
                        Is this security hole ?

                        Comment

                        • feldon23
                          Senior Member
                          • Nov 2001
                          • 11291
                          • 3.7.x

                          #13
                          Please read the thread. It's pretty clear what this was.

                          Comment

                          • IBxAnders
                            Senior Member
                            • Aug 2001
                            • 1172
                            • 4.0.x

                            #14
                            Definitely not a software security problem; this is a pretty common practice; I suspect that what they were doing is http://en.wikipedia.org/wiki/Cookie_stuffing
                            anders | vbulletin team | check out the new vbulletin facebook app
                            Proudly vBulletin'ing since 2001
                            Please be my friend!
                            http://www.twitter.com/inetskunkworks
                            vBulletin Performance Articles:
                            Click here to read

                            Comment

                            widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                            Working...