Announcement

Collapse
No announcement yet.

Avatar with a virus on vB.org

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Avatar with a virus on vB.org

    I cannot login to vB.org because there is some security risk.
    (Some avatar is misbehaving)

    Please let them know about the security risk.
    Attached Files


    vB5 is unequivocally the best forum software, but not yet...

  • #2
    This is the file in question - it should be harmless.

    http://www.vbulletin.org/custompics/...tar24495_0.gif
    anders | vbulletin team | check out the new vbulletin facebook app
    Proudly vBulletin'ing since 2001
    Please be my friend!
    http://www.twitter.com/inetskunkworks
    vBulletin Performance Articles:
    Click here to read

    Comment


    • #3
      I've removed the avatar.

      Please don't PM or VM me for support - I only help out in the threads.
      vBulletin Manual & vBulletin 4.0 Code Documentation (API)
      Want help modifying your vbulletin forum? Head on over to vbulletin.org
      If I post CSS and you don't know where it goes, throw it into the additional.css template.

      W3Schools <- awesome site for html/css help

      Comment


      • #4
        Thanks for the prompt action.
        It will take time for Norton to remove the warning from the site.


        vB5 is unequivocally the best forum software, but not yet...

        Comment


        • #5
          Originally posted by Lynne View Post
          I've removed the avatar.
          So the avatar was actually a virus?
          Dean Clatworthy - Web Developer/Designer

          Comment


          • #6
            Originally posted by Dean C View Post
            So the avatar was actually a virus?
            I could see nothing on my Mac. However, that avatar was reported before for the same thing.

            Please don't PM or VM me for support - I only help out in the threads.
            vBulletin Manual & vBulletin 4.0 Code Documentation (API)
            Want help modifying your vbulletin forum? Head on over to vbulletin.org
            If I post CSS and you don't know where it goes, throw it into the additional.css template.

            W3Schools <- awesome site for html/css help

            Comment


            • #7
              What was the avatar?

              If it was just some innocent users avatar, perhaps it hsould be submitted to norton as a false positive...
              Some of my Mods:
              Advanced IP Ban Manager (vb3.6+ version) - Fine grained control over blocking trouble makers.
              Advanced IP Ban Manager (vb4 version) - Fine grained control over blocking trouble makers.
              Use Original thread for Comments - Uses the original thread for comments for any forum threads promoted to CMS articles.
              Custom Friendly Urls - Allows customisation of forum urls from the admin CP.

              Comment


              • #8
                gif images or animations cannot contain viruses.

                Comment


                • #9
                  Not strictly true. It could be an exe renamed as a gif. However i doubt this is the case.
                  Some of my Mods:
                  Advanced IP Ban Manager (vb3.6+ version) - Fine grained control over blocking trouble makers.
                  Advanced IP Ban Manager (vb4 version) - Fine grained control over blocking trouble makers.
                  Use Original thread for Comments - Uses the original thread for comments for any forum threads promoted to CMS articles.
                  Custom Friendly Urls - Allows customisation of forum urls from the admin CP.

                  Comment


                  • #10
                    Originally posted by Coherentism View Post
                    gif images or animations cannot contain viruses.
                    Even .jpg files can contain infections.
                    The hole has been patched,they are not dangerous anymore with a relatively new system.


                    vB5 is unequivocally the best forum software, but not yet...

                    Comment


                    • #11
                      The file actually did show some JavaScript code and an iframe when viewed with notepad. I doubt however if this would have been executed by any browser, but it has now been removed as precaution.
                      Want to take your board beyond the standard vBulletin features?
                      Visit the official Member to Member support site for vBulletin Modifications: www.vbulletin.org

                      Comment


                      • #12
                        Is this security hole ?

                        Comment


                        • #13
                          Please read the thread. It's pretty clear what this was.

                          Comment


                          • #14
                            Definitely not a software security problem; this is a pretty common practice; I suspect that what they were doing is http://en.wikipedia.org/wiki/Cookie_stuffing
                            anders | vbulletin team | check out the new vbulletin facebook app
                            Proudly vBulletin'ing since 2001
                            Please be my friend!
                            http://www.twitter.com/inetskunkworks
                            vBulletin Performance Articles:
                            Click here to read

                            Comment

                            widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                            Working...
                            X