vBulletin 3.x and 4.x Redirect Security Exploit

This topic is closed.

  • #46
    Thanks for the reply, although I believe I have both steps 1 and 2 covered. 3.6.0 of vbseo, and I downloaded my existing core_class.php to edit, then re-uploaded it. Just changed the 7 to a 9.

    I tried a server reboot as suggested by motowebmaster, but had no luck there, I just ended up with every page, even forum home, giving:

    Warning: Cannot modify header information - headers already sent by (output started at [path]/includes/class_core.php:1) in [path]/includes/functions.php on line 3904


    I also tried disabling VBSEO and vbOptimize (which handles CDN caching of many files), and still had no luck.

    Anything else I can try?


    Originally posted by djbaxter
    1. Make sure you have the latest version of vBSEO installed.

    2. Make sure you are uploading the correct version of includes/class_core.php
    - I got a similar error when I first tried to change the version but it turned out I was uploading an earlier version than the one I was running (4.13).
    Last edited by swiftor; Tue 31st May '11, 5:10am.
    GameOn Friendly Multiplayer Gaming Community


    • #47
      Sounds like you added an extra carriage return (or some other character) before the <?php opening tag in class_core.php.
      Sphinx Search for vBulletin 4: https://marketplace.digitalpoint.com...tin-4.870/item
      Someone send me a message on Twitter when this site is usable again. https://twitter.com/digitalpoint
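
The diagnosis in post #47 can be checked from a shell before re-uploading the file. The script below is an added example, not part of the original posts or of vBulletin; the function names are hypothetical, it assumes a grep that supports `-abo` (GNU grep), and the sample files are constructed.

```shell
#!/usr/bin/env bash
# Added example, not vBulletin code: show what precedes the first "<?php"
# in a file. PHP sends those bytes as page output, so later header() calls
# fail with "headers already sent ... output started at <file>:1".

# Echo the bytes before the first "<?php" as space-separated hex pairs.
# Returns 1 when the file contains no "<?php" at all.
php_prefix_bytes() {
    local off
    off=$(LC_ALL=C grep -aboF -m1 '<?php' "$1" | head -n1 | cut -d: -f1)
    [ -n "$off" ] || return 1
    head -c "$off" "$1" | od -An -v -tx1 | tr -s ' \n' ' '
}

# Classify the prefix: clean | bom | whitespace | other | no-tag
php_leading_kind() {
    local bytes b kind=clean
    bytes=$(php_prefix_bytes "$1") || { echo no-tag; return; }
    case $bytes in
        # A UTF-8 byte order mark is exactly EF BB BF at offset 0.
        " ef bb bf"*) kind=bom; bytes=${bytes#" ef bb bf"} ;;
    esac
    for b in $bytes; do
        case $b in
            # CR, LF, space, tab: invisible in most editors, still output.
            0d|0a|20|09) if [ "$kind" = clean ]; then kind=whitespace; fi ;;
            *) kind=other ;;
        esac
    done
    echo "$kind"
}

# Constructed samples: a clean file, one saved with a BOM, one with a stray CRLF.
demo_dir=$(mktemp -d)
printf '<?php\necho 1;\n'             > "$demo_dir/clean.php"
printf '\357\273\277<?php\necho 1;\n' > "$demo_dir/bom.php"
printf '\r\n<?php\necho 1;\n'         > "$demo_dir/crlf.php"
for f in clean bom crlf; do
    printf '%s: %s\n' "$f.php" "$(php_leading_kind "$demo_dir/$f.php")"
done
rm -rf "$demo_dir"
```

Anything other than `clean` for includes/class_core.php means the edited copy will emit output on line 1 and break every redirect and cookie header.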


      • #48
        So much for the YUI theory. I did as instructed, worked for a day and now I'm redirecting again. @#$%^%%^ !!!!


        • #49
          I don't get why there is a security patch, so far as it is known, there are only two yui files affected, one isn't in vB3.x and the other one was patched already. An explanation would be appreciated.
          .......


          • #50
            Originally posted by Ramsesx
            I don't get why there is a security patch, so far as it is known, there are only two yui files affected, one isn't in vB3.x and the other one was patched already. An explanation would be appreciated.
            Better safe than sorry.


            • #51
              Originally posted by Zachery
              Better safe than sorry.
              That's true. Good job.
              .......


              • #52
                The download for 3.8.7 pl1 and my current version yui (3.8.5) are the exact same file sizes on all files. Changing the define in class_core won't do anything for local hosted.

                So, why isn't the local instance patched? I have no desire to run remote when I have my own min functionality and cdn serving my js with superior performance of my own server and minimization and skips a dns lookup over remotely hosted.

                Should I just download yui from yahoo themselves and find the files to upload on my own? Why weren't the files updated?


                • #53
                  Thanks, edited it via Putty and it seems fine now!

                  Now to see if traffic bumps up..

                  Originally posted by digitalpoint
                  Sounds like you added an extra carriage return (or some other character) before the <?php opening tag in class_core.php.
                  GameOn Friendly Multiplayer Gaming Community


                  • #54
                    I don't understand the security patch- it only changes the line in the class_core.php file to 2.9.0. What if your settings were set to use a local copy of the files (like mine were)? How can changing a line in a file upgrade your local copy of your YUI files?


                    • #55
                      Hmm, so does the 3.8.7 PL1 include the latest YUI, or it doesn't? I serve my own to save a DNS look up, and I combine my .js files to save http requests. I'm not about to revert these improvements. Could a vB staff please confirm the latest YUI is or isn't included?


                      • #56
                        Right now, I don't believe it does, you should serve the YUI from Google/Yahoo


                        • #57
                          Originally posted by dendrob
                          So much for the YUI theory. I did as instructed, worked for a day and now I'm redirecting again. @#$%^%%^ !!!!
                          Same here, in addition to this error;
                          http://www.vbulletin.com/forum/showt...ch-Not-Working

                          I think the issue is beyond the YUI

                          Originally posted by Zachery
                          Right now, I don't believe it does, you should serve the YUI from Google/Yahoo
                          What if that doesn't resolve the issue?

                          If you check my forum. View the source code, you'll see the YUI amend has been made.

                          Then google 'Everton Forum' - Click my forum and you'll more likely than not end up at a dodgy myfilestore.com link.


                          • #58
                            Originally posted by Zachery
                            Right now, I don't believe it does, you should serve the YUI from Google/Yahoo
                            Thanks for the confirmation of a half-patch.

                            Patching on my own, again..........................


                            • #59
                              I did all of the steps a few days ago and they got me again today. I have upped security... changed passwords. What can I do to stop this?


                              • #60
                                Check your logs. No one really knows and any log data you have may help find the leak.
