06-02-2012, 05:33 PM
sydude
 
Join Date: Aug 2004
Location: New York
Posts: 41
Forums email system security vulnerability

Hi guys. I'm running my forum on 3.8.4, and have been hit twice in the past week with a spammer evidently sending a ton of spam through our forum's contact us system. Can someone please advise if this is a known vulnerability that requires vB software upgrade to resolve, or if not, what other course of action I should be taking?

Here is a copy of the header of the email that was sent out:

Quote:
From www.skippyforums.com@xenon2.zerolag.com Sat Jun 02 04:20:07 2012
Received: from fantasiescometrue.com ([67.201.61.149]:58927 helo=xenon2.zerolag.com)
by gator351.hostgator.com with esmtp (Exim 4.77)
(envelope-from <www.skippyforums.com@xenon2.zerolag.com>)
id 1SakVD-0000qa-0G
for steve@qwik-cash.com; Sat, 02 Jun 2012 04:20:07 -0500
Received: by xenon2.zerolag.com (Postfix, from userid 1193)
id 1FAAB8EC4E6; Sat, 2 Jun 2012 02:20:01 -0700 (PDT)
To: steve.hachey@yahoo.ca, steve.jagodic@yahoo.com, steve.jl@ntlworld.com, Steve.M.Weber@gmail.com, steve@aquamiracle.com, steve@hesketh.us, steve@leonard3.com, steve@merritt.co.uk, steve@qwik-cash.com, steve_ra1@yahoo.com, steve3843@gmail.com, steve-bmw@tesco.net, steveccowley@gmail.com, ETC ETC...

And here's the rest of the header at the end of the recipient list:

Quote:
Subject: Need Work? This Company Needs Your Help!
From: "Team Juicy Racing's Skip Barber Racing School and Race Series Forums" <support@skippyforums.com>
Auto-Submitted: auto-generated
Message-ID: <20120602091959.256d07123a72@www.skippyforums.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
X-Priority: 3
X-Mailer: vBulletin Mail via PHP
Date: Sat, 2 Jun 2012 02:20:01 -0700 (PDT)
Content-Transfer-Encoding: quoted-printable
X-Spam-Status: No, score=2.4
X-Spam-Score: 24
X-Spam-Bar: ++
X-Spam-Flag: NO