Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > Premium Archives > ibProArcade Archive
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
Weary of installing Details »»
Weary of installing
Version: , by Jase2 Jase2 is offline
Developer Last Online: Jun 2009 Show Printable Version Email this Page

Version: Unknown Rating:
Released: 05-05-2008 Last Update: Never Installs: 0
 
No support by the author.

Someone who had this installed (MajorGeeks) have completely removed the arcade due to exploits. Spam through emails.

You either need to provide a fix, or completely remove this. In the meantime, I'm moving to the other arcade.

http://forums.majorgeeks.com/showthread.php?t=158698

Quote:
Originally Posted by Major Attitude
No problems, someone exploited a hole and the problem has been solved, basically the arcade has been removed. It is the repeated cause of many exploits, apparently the author can't keep up, so it is removed. Your account info is secure and not realted.
Quote:
Originally Posted by Major Attitude
Yes, we have had security issues on this forum 3 times I can remember. All 3 were arcade exploits. It is the reason we moved the forums to their own servers (to not compromise the main servers) and the reason we must now completely remove it. Sorry.

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #2  
Old 05-05-2008, 12:19 PM
Gladius2007 Gladius2007 is offline
 
Join Date: Nov 2007
Posts: 78
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I'm awaiting the official response to this issue... can't afford to install mods with known vulnerabilities, no matter how good they are.
Reply With Quote
  #3  
Old 05-05-2008, 07:15 PM
MrZeropage's Avatar
MrZeropage MrZeropage is offline
 
Join Date: Nov 2003
Location: Munich, Germany
Posts: 3,012
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Security was checked twice by vb.org staff and some other testers including myself, I don't see any single point how to use ibProArcade for mailsending/spamming or having any serious security-issue.

I assume they used the latest release v2.6.6+

Yes, in old releases prior to v2.6.0 there where some problems which all have been fixed a long time ago now.
Reply With Quote
  #4  
Old 05-05-2008, 09:02 PM
Jase2 Jase2 is offline
 
Join Date: Dec 2007
Location: USA
Posts: 1,575
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Look:

Quote:
"it was fairly specific to a certain game this time around"
Games are exploitable.

Quote:
It's also notable that people were finding these in their spam box. The games can be exploited and our emails compromised. It happened. That can't be denied.
This needs looking at.
Reply With Quote
  #5  
Old 05-05-2008, 09:09 PM
Holfy.com Holfy.com is offline
 
Join Date: Mar 2008
Posts: 30
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I have the arcade installed on a few sites (all over 150 games). I shall be now asking if anyone has started to receive any emails in their "Spam" inbox. I have had runs in the past where I get members to report games that don't submit high scores and they get removed

So far I have had no problems but if a member happens to confirm this issue then, i REALLY DON'T WANT TO, I will have to remove arcade (ONLY FOR NOW!!!)..

I will also report any negative responses back here. If there are none there will be no responses.

Cheers for this heads up!
Reply With Quote
  #6  
Old 05-06-2008, 11:36 AM
Philipp Philipp is offline
 
Join Date: Oct 2001
Posts: 17
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

MrZeropage:
Please check your PMs for more details and a fix
Reply With Quote
  #7  
Old 05-06-2008, 02:48 PM
Jase2 Jase2 is offline
 
Join Date: Dec 2007
Location: USA
Posts: 1,575
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Thank you Phillip!

Hope the new, patched version is released soon...
Reply With Quote
  #8  
Old 05-06-2008, 06:01 PM
MrZeropage's Avatar
MrZeropage MrZeropage is offline
 
Join Date: Nov 2003
Location: Munich, Germany
Posts: 3,012
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

update is coming within the next minutes
Reply With Quote
  #9  
Old 05-06-2008, 08:58 PM
Jase2 Jase2 is offline
 
Join Date: Dec 2007
Location: USA
Posts: 1,575
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Thanks, Zero.
Reply With Quote
  #10  
Old 05-06-2008, 09:52 PM
Gladius2007 Gladius2007 is offline
 
Join Date: Nov 2007
Posts: 78
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Excellent, thanks.

While on the subject of security, is there ANYWHERE where one could legally download any game packs from a trusted source that would check the legality of the games included?

I'm NOT asking where to get these games illegally (everyone knows as pretty much every arcade I've seen has thousands of them installed). I'm asking if there is any website that offers packs of legal games to download where the authors have consented to have the games included in the pack.

If not, that's more than a little sad.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 06:44 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04912 seconds
  • Memory Usage 2,288KB
  • Queries Executed 23 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (4)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (9)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete