Go Back   vb.org Archive > Community Central > Community Lounge
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #21  
Old 04-07-2007, 08:04 PM
rjmjr69's Avatar
rjmjr69 rjmjr69 is offline
 
Join Date: Jan 2007
Location: Southie
Posts: 876
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by cashpath View Post
Hey CMX any chance you can have the VB.org guys send you a list of the exploits and then you can pass them onto another coder who would be willing to at least fix those exploits for this version while you are working on 2.0?

Real good idea. How about CM? At least until 2.0 comes out this will release allot of your stress I'm sure. And keep people happy for now.
Reply With Quote
  #22  
Old 04-07-2007, 09:01 PM
KHALIK KHALIK is offline
 
Join Date: May 2005
Posts: 211
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

removed...
Reply With Quote
  #23  
Old 04-07-2007, 09:06 PM
kall's Avatar
kall kall is offline
 
Join Date: Apr 2004
Location: New Zealand
Posts: 2,608
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Given that the exploits were confirmed to be present in the 1.5.81 file by a member of Staff, advertising the fact that you have it installed on your forums isn't the wisest course of action, IMO.
Reply With Quote
  #24  
Old 04-07-2007, 09:10 PM
KHALIK KHALIK is offline
 
Join Date: May 2005
Posts: 211
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

removed
Reply With Quote
  #25  
Old 04-08-2007, 02:45 AM
Luky Luky is offline
 
Join Date: Oct 2006
Location: Australia
Posts: 595
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by kall View Post
Given that the exploits were confirmed to be present in the 1.5.81 file by a member of Staff, advertising the fact that you have it installed on your forums isn't the wisest course of action, IMO.
Rofl at that!! I dont think he realises that they can fully crash his site and coz his daily backups are located on the server, they can just delete them. Also having the latest version of vB isnt gona stop them since vB isnt the exploit, vBplaza is!!

Anywho, i speak on behalf of all of us when i say, This sucks.
Reply With Quote
  #26  
Old 04-08-2007, 04:51 AM
Shazz's Avatar
Shazz Shazz is offline
 
Join Date: Jun 2006
Location: Utah
Posts: 4,758
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Paul M View Post
The "fixed" version has been checked by the staff who examined the original exploits and they have not been found to be fixed. Therefore we have had to remove the new version.
Wouldn't it be safe it the next version that was released was checked my staff first?! :|

If the conversation was true how CMX said that was the fix, and it dosen't fix it ... Interesting.
Reply With Quote
  #27  
Old 04-08-2007, 05:09 AM
Matt_270581 Matt_270581 is offline
 
Join Date: Nov 2004
Location: Australia
Posts: 52
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I'm pretty confident if you disable a couple of the usertitle functions and the PM sending functions in each of the action files and the main functions file this will be safe. I will take the chance. Someone let me know if I am wrong.
Reply With Quote
  #28  
Old 04-08-2007, 05:16 AM
Luky Luky is offline
 
Join Date: Oct 2006
Location: Australia
Posts: 595
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Shazz View Post
Wouldn't it be safe it the next version that was released was checked my staff first?! :|

If the conversation was true how CMX said that was the fix, and it dosen't fix it ... Interesting.
Maby he doesnt know the exploit or maby he fixed one and there is more.
Reply With Quote
  #29  
Old 04-08-2007, 05:59 AM
Bratz-Designs Bratz-Designs is offline
 
Join Date: Jul 2005
Location: Netherlands
Posts: 236
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Shazz View Post
Wouldn't it be safe it the next version that was released was checked my staff first?! :|

If the conversation was true how CMX said that was the fix, and it dosen't fix it ... Interesting.
*Cough*

He used part of the code you offer at your site. You tell everyone that thats save....

*Cough*
Reply With Quote
  #30  
Old 04-08-2007, 07:22 AM
Luky Luky is offline
 
Join Date: Oct 2006
Location: Australia
Posts: 595
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I dont understand what you just said Barbie, I mean Bratz! :P (I gota pick up Bratz and barbie dolls at my job in Toy section of Target...)
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 08:27 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.05037 seconds
  • Memory Usage 2,258KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (5)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (3)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete