
Yahoo YUI Security Exploit 'Patch' Not Working


  • [Forum] Yahoo YUI Security Exploit 'Patch' Not Working

    Hi,

    I'm having a bit of a nightmare with the Yahoo YUI Security Exploit issue.

    I reported the problems I was having with search engine traffic being maliciously directed elsewhere and was relieved to see a fix published here;

    http://www.vbulletin.com/forum/showt...15#post2165615

    I haven't got the time to fight the inevitable vBulletin issues in upgrading, so I opted for the simple patch;

    To manually fix versions prior to vBulletin 4.1.3 and 3.8.7
    Edit one line in class_core.php file located in /includes/class_core.php ; find the following line “define('YUI_VERSION', '2.7.0'); // define the YUI version we bundle” ; replace this line with “define('YUI_VERSION', '2.9.0'); // define the YUI version we bundle”
    In AdminCP; Go to “Options” => “Server Settings and Optimization Options” ; find “Use Remote YUI” option and in the dropdown switch to a server of your choice, Google or Yahoo.
    Unfortunately, this simple 'fix' is causing mayhem. Users have reported issues en masse when I perform that edit... screenshotting the likes of the below;



    Avatars don't display, and it causes the dreaded “black diamond question mark” symbol for any 'special character' - such as a question mark.

    Any ideas? Any help would be appreciated.

    My forum is 4.1.2

  • #2
    Have they tried a hard refresh (CTRL+F5) or cleared their browser cache?
    Baby, I was born this way



    • #3
      Originally posted by Paul M View Post
      Have they tried a hard refresh (CTRL+F5) or cleared their browser cache?
      Thanks for trying to help.

      Yes - myself included, with all IE, Chrome and Firefox.



      • #4
        You probably just edited the CLASS_CORE file but did not set the YUI to be pulled from a remote location; please check this in your AdminCP.
        anders | vbulletin team | check out the new vbulletin facebook app
        Proudly vBulletin'ing since 2001
        Please be my friend!
        http://www.twitter.com/inetskunkworks
        vBulletin Performance Articles:
        Click here to read



        • #5
          Originally posted by IBxAnders View Post
          You probably just edited the CLASS_CORE file but did not set the YUI to be pulled from a remote location; please check this in your AdminCP.
          Thanks for offering assistance but I can assure you, 'Use Remote YUI' in 'Server Settings and Optimization Options' has been set at Google, and later Yahoo.
          Last edited by Bacon Butty; Wed 1st Jun '11, 1:19pm.



          • #6
            What site are you having problems with? I look at one of them and it shows this in the page source:

            Code:
            <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/yui/2.8.2/build/yuiloader-dom-event/yuiloader-dom-event.js?v=412"></script>
            <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/yui/2.8.2/build/connection/connection-min.js?v=412"></script>
            It is not pulling the 2.9.0 build.

            However, I also notice this at the top of the page:
            Code:
            
            That means you most likely didn't use a plain text editor when editing the file. That will cause issues.

            Please don't PM or VM me for support - I only help out in the threads.
            vBulletin Manual & vBulletin 4.0 Code Documentation (API)
            Want help modifying your vbulletin forum? Head on over to vbulletin.org
            If I post CSS and you don't know where it goes, throw it into the additional.css template.

            W3Schools <- awesome site for html/css help



            • #7
              Originally posted by Lynne View Post
              What site are you having problems with? I look at one of them and it shows this in the page source:

              Code:
              <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/yui/2.8.2/build/yuiloader-dom-event/yuiloader-dom-event.js?v=412"></script>
              <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/yui/2.8.2/build/connection/connection-min.js?v=412"></script>
              It is not pulling the 2.9.0 build.
              Thanks Lynne.

              I just changed from 2.9.0 to 2.8.2 - on a suggestion I read in here to see if it made any difference.

              Originally posted by Lynne View Post
              However, I also notice this at the top of the page:
              Code:
              
              That means you most likely didn't use a plain text editor when editing the file. That will cause issues.
              Odd. I can't see that? All my edits are in notepad? - Could you kindly screenshot?



              • #8
                You have a UTF-8 BOM marker in one or more of your files, likely your config.php file.



                • #9
                  Originally posted by Bacon Butty View Post
                  Thanks Lynne.

                  I just changed from 2.9.0 to 2.8.2 - on a suggestion I read in here to see if it made any difference.



                  Odd. I can't see that? All my edits are in notepad? - Could you kindly screenshot?
                  You can see it right at the top if you view your page source. It flashed quickly for me when I went to your site which is how I knew to look for it.




                  • #10
                    Got the same problem here


                     is appearing at the top of the page.

                    What do I need to do to fix this?

                    Edit: got it working.
                    Last edited by RitaW; Thu 2nd Jun '11, 1:20am.



                    • #11
                      Thanks again guys. Very kind for support - sorry for the delay in response, forums went down for maintenance last night.

                      Originally posted by Zachery View Post
                      You have a UTF-8 BOM marker in one or more of your files, likely your config.php file.
                      Do you mean this in config.php?

                      // $config['Mysqli']['charset'] = 'utf8';
                      I've not edited this file? Is this now conflicting with the YUI change?

                      Originally posted by Lynne View Post
                      You can see it right at the top if you view your page source. It flashed quickly for me when I went to your site which is how I knew to look for it.
                      Thanks Lynne but I really can't see it - I must be losing the plot.

                      I made the very simple file edit in notepad as so;



                      And I can't see this code on the website itself;



                      Or the source code;




                      Originally posted by RitaW View Post
                      Got the same problem here


                       is appearing at the top of the page.

                      What do I need to do to fix this?

                      Edit: got it working.
                      C'mon Rita! That's just teasing....



                      • #12
                        Update.

                        One of the members has published a picture of aforementioned code.



                        So fixing this should resolve the issue?

                        How do I fix something I can't see :/

                        Any ideas?



                        • #13
                          It's got to be in one of your files, likely the config.php file.



                          • #14
                            I uploaded my config.php file again and that has removed it, all my thumbnails and avatars are back how they should be.
                            Canon Fodder Forums








                            • #15
                              Thanks all. Resolved. Was never config as that file was never amended.

                              Downloaded PHP Editor and that detected the odd code that a save with notepad seemed to insert.

                              With the 'Patch' though (and YUI amend in admincp), a search for my forum in Google is still directing elsewhere.
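
Added example, not part of the thread and not vBulletin's own code: a Python check for the problem diagnosed above, a PHP file saved with a leading UTF-8 BOM (bytes EF BB BF), which PHP sends as output ahead of everything else and which browsers showed as "ï»¿". The function names and the sample tree built in `demo()` are constructed for illustration.

```python
import codecs
import os
import tempfile

BOM = codecs.BOM_UTF8  # the three bytes EF BB BF


def find_bom_files(root, exts=(".php",)):
    """Return sorted paths (relative to root) of files that start with a BOM."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if not name.lower().endswith(exts):
                continue
            with open(full, "rb") as fh:
                if fh.read(len(BOM)) == BOM:
                    hits.append(os.path.relpath(full, root))
    return sorted(hits)


def strip_bom(path):
    """Rewrite the file without its leading BOM; return True if it changed."""
    with open(path, "rb") as fh:
        data = fh.read()
    if not data.startswith(BOM):
        return False
    with open(path, "wb") as fh:
        fh.write(data[len(BOM):])
    return True


def demo():
    """Constructed sample tree: one file saved with a BOM, one without."""
    root = tempfile.mkdtemp()
    os.mkdir(os.path.join(root, "includes"))
    edited = b"<?php\ndefine('YUI_VERSION', '2.9.0');\n"
    with open(os.path.join(root, "includes", "class_core.php"), "wb") as fh:
        fh.write(BOM + edited)  # what a "UTF-8 with BOM" save produces
    with open(os.path.join(root, "config.php"), "wb") as fh:
        fh.write(b"<?php\n$config = array();\n")
    before = find_bom_files(root)
    for rel in before:
        strip_bom(os.path.join(root, rel))
    # cp1252 view of the BOM is the stray text browsers showed at page top
    return before, find_bom_files(root), BOM.decode("cp1252")


if __name__ == "__main__":
    print(demo())
```

Run `find_bom_files()` against a copy of the forum root first and back up any file before calling `strip_bom()` on it.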
