vb.org Archive
Page 6 of 24 « First 45 6 7816 Last »
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   News and Announcements (https://vborg.vbsupport.ru/forumdisplay.php?f=2)
-   -   Important: It is all about trust (https://vborg.vbsupport.ru/showthread.php?t=115640)

sabret00the 05-15-2006 03:38 PM
find
PHP Code:
hight="1" 
replace with
PHP Code:
height="1" 
and then we'll talk :p

only joking.

Logikos 05-15-2006 03:39 PM
lol This was taking stright from the users plugin code. He should fix that. :p

Paul M 05-15-2006 03:55 PM
Quote:
Originally Posted by sabret00the
is this all down to the vBsoccer RSS hack?

if so his reasoning is about right, there's no free Football RSS score feeds available for a reason and even if he was to resyndicate the content, it would just seap to out of vBulletin use and his server would be hammered.

if not, then share the secret? :p
Nope, I think it's about the code that tries to call the vb.org "install" link when a product is first installed. This is something I (and a few others) added recently after a discussion about it in mid April.

Basically when a product is first installed (not updated) it tries to link to /vborg_miscactions.php?do=installhack. If the link is made then it's the same as manually clicking install, if the link fails then nothing at all happens. The same happens if you uninstall a product. It has nothing to do with plugins within plugins, backdoors, security, added functionality or anything else mentioned, it's a simple link back to the vb.org site.

As far as I can tell - it will also fail unless you are logged into vb.org at the time, meaning it's not actually that useful, the majority of people still actually have to click the links manually.

If this thead really is about this then it's unbelievably over the top - reading the first post gives the impression of some major security threat or alert, not some minor call back to vb.org.

Chroder 05-15-2006 03:58 PM
I think it's also a preemptory warning. Spyware (because that's what it is when you get down to it, doing an action the user didn't consent to) won't be tolerated.

Xenon 05-15-2006 04:00 PM
Quote:
Originally Posted by Paul M
reading the first post gives the impression of some major security threat or alert, not some minor call back to vb.org.
Parts of first post:
Quote:
Originally Posted by MarcoH64
The reason for this thread is that, to our own shame, we received recently reports that there are coders who do incorporate hidden functionalities in their modifications. Lucky the type of hidden functions could be considered as relative harmless, but we will nevertheless not tolerate this. [high]I would like to emphasize that this did not sent any security or privacy related information, nor did it in anyway brake the security of your site.[/high]

The discovered hidden functionality where aimed at a backdoor in the services of vBulletin.org itself, and have by now been closed. The effect of this functionality will be corrected by us soon. There has been no negative effects on the boards that are using any of these modifications.

Logikos 05-15-2006 04:01 PM
@Paul, thats why this thread is here. Because you and a few others added a link back to the vb.org site.

Xenon 05-15-2006 04:01 PM
Quote:
Originally Posted by Chroder
I think it's also a preemptory warning. Spyware (because that's what it is when you get down to it, doing an action the user didn't consent to) won't be tolerated.
exactly!

The Chief 05-15-2006 04:02 PM
Thanks for telling us :)

peterska2 05-15-2006 04:04 PM
Quote:
Originally Posted by Chroder
I think it's also a preemptory warning. Spyware (because that's what it is when you get down to it, doing an action the user didn't consent to) won't be tolerated.
agreed 200%

Mark.B 05-15-2006 04:06 PM
This is, as you say, about trust, therefore the list of known affected hacks MUST be disclosed, without question.


All times are GMT. The time now is 05:11 PM.
Page 6 of 24 « First 45 6 7816 Last »
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01302 seconds
  • Memory Usage 1,745KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (2)bbcode_php_printable
  • (5)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (1)pagenav_pagelinkrel
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete