vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)
-   -   Forums email system security vulnerability (https://vborg.vbsupport.ru/showthread.php?t=283860)

sydude 06-02-2012 05:33 PM
Forums email system security vulnerability
 
Hi guys. I'm running my forum on 3.8.4, and have been hit twice in the past week with a spammer evidently sending a ton of spam through our forum's contact us system. Can someone please advise if this is a known vulnerability that requires vB software upgrade to resolve, or if not, what other course of action I should be taking?

Here is a copy of the header of the email that was sent out:

Quote:
From www.skippyforums.com@xenon2.zerolag.com Sat Jun 02 04:20:07 2012
Received: from fantasiescometrue.com ([67.201.61.149]:58927 helo=xenon2.zerolag.com)
by gator351.hostgator.com with esmtp (Exim 4.77)
(envelope-from <www.skippyforums.com@xenon2.zerolag.com>)
id 1SakVD-0000qa-0G
for steve@qwik-cash.com; Sat, 02 Jun 2012 04:20:07 -0500
Received: by xenon2.zerolag.com (Postfix, from userid 1193)
id 1FAAB8EC4E6; Sat, 2 Jun 2012 02:20:01 -0700 (PDT)
To: steve.hachey@yahoo.ca, steve.jagodic@yahoo.com, steve.jl@ntlworld.com, Steve.M.Weber@gmail.com, steve@aquamiracle.com, steve@hesketh.us, steve@leonard3.com, steve@merritt.co.uk, steve@qwik-cash.com, steve_ra1@yahoo.com, steve3843@gmail.com, steve-bmw@tesco.net, steveccowley@gmail.com, ETC ETC...
and here's the rest of the header at the end of the recipient list:

Quote:
Subject: Need Work? This Company Needs Your Help!
From: "Team Juicy Racing's Skip Barber Racing School and Race Series Forums" <support@skippyforums.com>
Auto-Submitted: auto-generated
Message-ID: <20120602091959.256d07123a72@www.skippyforums.co m>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
X-Priority: 3
X-Mailer: vBulletin Mail via PHP
Date: Sat, 2 Jun 2012 02:20:01 -0700 (PDT)
Content-Transfer-Encoding: quoted-printable
X-Spam-Status: No, score=2.4
X-Spam-Score: 24
X-Spam-Bar: ++
X-Spam-Flag: NO


All times are GMT. The time now is 10:09 AM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01315 seconds
  • Memory Usage 1,712KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (2)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (1)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete