Announcement

Collapse
No announcement yet.

E-mail vulnerabilities in 2.2.9?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • E-mail vulnerabilities in 2.2.9?

    I've just discovered that somebody is sending out the Nigerian Fraud scam from my server. We're having trouble determining where it came from.

    My question is are there any known e-mail vulnerabilities in VB 2.2.9? I'm aware there's a problem with the calendar, but the exact nature of the compromise is unclear to me. Could that particular security issue be used to send out spams?

    Yes, I know, upgrade and fix the problems, but first I need to be able to substantiate where the spam was coming from so I can prove to my ISP it didn't come from me. It would be very helpful if I can say "this happened and I did that to correct the problem..." Any potential leads would be appreciated...

  • #2
    Its most likely an open SMTP server rather than a bit of software. As vBulletin would only let you email those registered on the forums.
    Scott MacVicar

    My Blog | Twitter

    Comment


    • #3
      > It's most likely an open SMTP server

      Yes, I have to agree, but tech support can't seem to find an open relay...

      > vBulletin would only let you email those registered on the forums.

      Are you sure of that? What about some kind of mysql exploit using the calendar issue? Any way to launch mail from there? (No, I don't any want details, just whether it's theoretically possible)

      Comment


      • #4
        No the calendar exploit would only let you fetch data it wouldn't let you email anything.

        Do you have any sort of formail.cgi scripts installed? You'd be able to see any mass emails from apache logs.
        Scott MacVicar

        My Blog | Twitter

        Comment


        • #5
          Update...


          We finally figured out the problem (having several domains on one IP can make troubleshooting complicated...)

          Turns out it was a security issue with PHPNuke, on a different site, but sharing the same mail server, that was totally unrelated to VB. There's a flaw in the PHPNuke webmail program big enough to drive a tractor trailer load of spam through, and that's just what our "buddies" at Ripe Network were doing.

          Again, not at all related to VB...

          Comment


          • #6
            Php/post nuke are both rampant with security bugs, why anyone wants to intergrate them into vB is beyond me.

            RHarbison not pointed at you but just stating in general, i am glad you have found and fixed the issue, good luck with your site

            Comment


            • #7
              Originally posted by Zachery
              Php/post nuke are both rampant with security bugs, why anyone wants to intergrate them into vB is beyond me.
              Well as I said in my reply "issue with PHPNuke, on a different site, but sharing the same mail server, that was totally unrelated to VB."

              The only reason I even mentioned it here was that I brought up the fact that my site was being hacked and questioned if VB was responsible. Now I'm following up and saying "No, nothing to do with VB..."

              As for why integrate, VBportal, which uses it, does have some great features. For example the list of current threads was very popular. I ran it when I was using VB2 and the portal page it created increased my forum traffic dramatically. I do miss some of that stuff but I'm exploring other options for VB3 due to the exact concerns you mention.

              Comment

              widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
              Working...
              X