Welcome, Guest. Please Login or Register.
March 28, 2024, 04:27:37 PM
Home Help Search Log in Register
News: SMF is the next generation in forum software, almost completely re-written from the ground up, make sure you don't fall for cheap imitations that suffer from feature bloat!

YaBB SE Community  |  YaBB SE Info  |  News From the YaBB SE Team  |  SECURITY FIX! Users using any version prior to 1.5.1 « previous next »
Pages: 1 2 3 [4] 5 6 ... 12 Reply Ignore Print
Author Topic: SECURITY FIX! Users using any version prior to 1.5.1  (Read 95797 times)
David
Destroyer Dave
Global Moderator
YaBB God
*****
Posts: 5761


I'm not a llama!

WWW
Re:SECURITY FIX! Users using any version prior to 1.5.1
« Reply #45 on: February 02, 2003, 07:25:43 PM »
Reply with quote

I got nine of them and do not care.  As you can see, THIS IS IMPORTANT!!!!  Apply the fix, if you need help applying it contact me and I will try to help.

Attached is a fixed Packages file for 1.4.1.  Rename it to Packages.php and upload it.  I did this for those who do not wish to modify their sources by hand.
« Last Edit: February 02, 2003, 07:26:31 PM by David » Logged

drinkitbitch
Jr. Member
**
Posts: 80


I'm not a llama.

Re:SECURITY FIX! Users using any version prior to 1.5.1
« Reply #46 on: February 02, 2003, 07:35:53 PM »
Reply with quote

Quote from: Overseer on February 02, 2003, 06:42:07 PMThats BS.. one is enuf.. anymore is just spam.

I disagree.

Like you said yourself, not everyone lives on the internet. Just because you happened to fix the error after only 4 emails, doesnt mean everyone else did as well.

Maybe 9 was a bit excessive, but had they only sent one, I more than likely would have ignored it. I often ignore announcements, but the fact that there were nine made me very curious.

They seem to think this is a major issue that everyone needs to fix and just one email wont get everyone's attention, but 9 definitely or hopefully will.
Logged
Overseer
Sr. Member
****
Posts: 455


Re:SECURITY FIX! Users using any version prior to 1.5.1
« Reply #47 on: February 02, 2003, 07:39:22 PM »
Reply with quote

naww sending the same thing multiple time is just ignorant IMO.

one is enough... and my previous comment was meant to highlight that it may not be ignored because of '1' email but because people might not read their email for a day.

now... whats even more dumb now is that when u read one of these these other emails the actual post has been deleted... so u end up with a "topic does not exist error" ... ummm duh!!!

Logged

I learned that from the G's, a G is an Overseer, the Overseer sees.
More than you do 'cause he gets experienced - Snoop on Daz's OG

Supreme exalted, universal leader, Descendent of the kings and queens, the Overseer
The overlord, cream of the crop, creme de la creme - Gang Starr  Royalty
David
Destroyer Dave
Global Moderator
YaBB God
*****
Posts: 5761


I'm not a llama!

WWW
Re:SECURITY FIX! Users using any version prior to 1.5.1
« Reply #48 on: February 02, 2003, 07:40:54 PM »
Reply with quote

Quote from: Overseer on February 02, 2003, 07:39:22 PMnaww sending the same thing multiple time is just ignorant IMO.

one is enough... and my previous comment was meant to highlight that it may not be ignored because of '1' email but because people might not read their email for a day.

now... whats even more dumb now is that when u read one of these these other emails the actual post has been deleted... so u end up with a "topic does not exist error" ... ummm duh!!!
I think you have expressed your dislike of recieving 9 e-mails enough in this thread.  Let those that may need help with this fix speak without the constant flaming.
Logged

Overseer
Sr. Member
****
Posts: 455


Re:SECURITY FIX! Users using any version prior to 1.5.1
« Reply #49 on: February 02, 2003, 07:41:23 PM »
Reply with quote

actually.. i just realised deleting those topics has done more harm because someone reading their email would most likely read the newestt one and see topic doesnt exist.. would they be patient enough to check all nine  - or whatever figure we end up at?
Logged

I learned that from the G's, a G is an Overseer, the Overseer sees.
More than you do 'cause he gets experienced - Snoop on Daz's OG

Supreme exalted, universal leader, Descendent of the kings and queens, the Overseer
The overlord, cream of the crop, creme de la creme - Gang Starr  Royalty
Overseer
Sr. Member
****
Posts: 455


Re:SECURITY FIX! Users using any version prior to 1.5.1
« Reply #50 on: February 02, 2003, 07:42:52 PM »
Reply with quote

Quote from: David on February 02, 2003, 07:40:54 PM
Quote from: Overseer on February 02, 2003, 07:39:22 PMnaww sending the same thing multiple time is just ignorant IMO.

one is enough... and my previous comment was meant to highlight that it may not be ignored because of '1' email but because people might not read their email for a day.

now... whats even more dumb now is that when u read one of these these other emails the actual post has been deleted... so u end up with a "topic does not exist error" ... ummm duh!!!
I think you have expressed your dislike of recieving 9 e-mails enough in this thread.  Let those that may need help with this fix speak without the constant flaming.

only answering replies to my earlier questions  ::)
Logged

I learned that from the G's, a G is an Overseer, the Overseer sees.
More than you do 'cause he gets experienced - Snoop on Daz's OG

Supreme exalted, universal leader, Descendent of the kings and queens, the Overseer
The overlord, cream of the crop, creme de la creme - Gang Starr  Royalty
Compuart
Quality, Quality, Quality!
YaBB God
*****
Posts: 1283


ICQ - 8801024Compuart@hotmail.com WWW
Re:SECURITY FIX! Users using any version prior to 1.5.1
« Reply #51 on: February 02, 2003, 07:48:29 PM »
Reply with quote

Yes, something went wrong with the announcement script here. I've applied some fixes, and the mail sending seems to have stopped.

We sincerely apoligise for the inconvenience this has caused.
« Last Edit: February 02, 2003, 07:49:42 PM by Compuart » Logged

Overseer
Sr. Member
****
Posts: 455


Re:SECURITY FIX! Users using any version prior to 1.5.1
« Reply #52 on: February 02, 2003, 07:52:54 PM »
Reply with quote

ok thats cool.

Logged

I learned that from the G's, a G is an Overseer, the Overseer sees.
More than you do 'cause he gets experienced - Snoop on Daz's OG

Supreme exalted, universal leader, Descendent of the kings and queens, the Overseer
The overlord, cream of the crop, creme de la creme - Gang Starr  Royalty
Mike Healan
Noobie
*
Posts: 33


WWW
Re:SECURITY FIX! Users using any version prior to 1.5.1
« Reply #53 on: February 02, 2003, 08:04:53 PM »
Reply with quote

Jeez... Get a grip. With as many registered users as there are, do you really think they intended to send 10 of the same email to everyone? It's obviously a bug or a glitch. Report it and be done with it.
Considering how serious this is, I wouldn't care if the server burped and I got 100 of them. Some damned hacker emailed my password to me. If he had decided he didn't like me, all the warning I would've gotten would have been an emptied sql database.
Logged

UNICRON
Noobie
*
Posts: 19


Re:SECURITY FIX! Users using any version prior to 1.5.1
« Reply #54 on: February 02, 2003, 08:22:41 PM »
Reply with quote

Quote from: Mike Healan on February 02, 2003, 08:04:53 PMJeez... Get a grip. With as many registered users as there are, do you really think they intended to send 10 of the same email to everyone? It's obviously a bug or a glitch. Report it and be done with it.
Considering how serious this is, I wouldn't care if the server burped and I got 100 of them. Some damned hacker emailed my password to me. If he had decided he didn't like me, all the warning I would've gotten would have been an emptied sql database.

agreed
Logged
yensid4him
Noobie
*
Posts: 23


not the llama, not the llama!!

WWW
Re:SECURITY FIX! Users using any version prior to 1.5.1
« Reply #55 on: February 02, 2003, 08:44:09 PM »
Reply with quote

Hey I appreciate the 9 emails I got... I'm one of the ones that might have ignored just one announcement email, but having 9 made me decide it was pretty important.  I did get the "topic doesn't exist" message but navigated my way over here to this one just fine...

Also wanted to say thanks to whoever included the packages.txt file with the fix for download... I'm a good coder, but I also like to save time whenever possible!

One suggestion for those setting up new boards... my board didn't get hit by a hacker, nor did I get an email with my password in it, perhaps due to the fact that when I installed my board I changed the directory name from "yabbse" to "msgboard" ... hackers wouldn't be able to search the web and come across my board as easily based on the url alone.

- holly
Logged
Jeff Lewis
Global Moderator
YaBB God
*****
Posts: 10149


I'm a llama!

WWW
Re:SECURITY FIX! Users using any version prior to 1.5.1
« Reply #56 on: February 02, 2003, 08:48:09 PM »
Reply with quote

I apologize for the multiple emails but really is it worth bitching over? We sent out an announcement for this before and apparently not everyone thought it was important enough to apply the fix.

If the little problem with the extra emails saves at least one persons forum I'm fine with that.

I sent the announcement and left to visit my parents, my apologies to those that were so angered by a few extra emails in the inbox and my thanks to those that were understanding.
Logged

Snoopy_5
Noobie
*
Posts: 1


Today is the first day of the rest of your life

WWW
Re:SECURITY FIX! Users using any version prior to 1.5.1
« Reply #57 on: February 02, 2003, 09:04:22 PM »
Reply with quote

Jeff I just wanted to say thanks for sending out the word about this fix a second time.  Without this notice I would still be exposed.

I am one of the ones who didnt bother to change or fix my site after the first message, mainly because I didnt get the first message.  I did get the multiple messages this morning though,which didnt bother me except to press the urgency of the matter.

Keep up the good work
Logged
Jeff Lewis
Global Moderator
YaBB God
*****
Posts: 10149


I'm a llama!

WWW
Re:SECURITY FIX! Users using any version prior to 1.5.1
« Reply #58 on: February 02, 2003, 09:16:04 PM »
Reply with quote

Thanks Snoopy. Not sure why Overseer is so mad...his messages table got seriously corrupted this week and he should ask Corey who was helping fix it...so a few extra emails by accident shouldn't be too hard to swallow :)
Logged

TurboXS
Noobie
*
Posts: 24


Debian - Linux ist nicht gleich Linux!!

WWW
Re:SECURITY FIX! Users using any version prior to 1.5.1
« Reply #59 on: February 02, 2003, 09:36:19 PM »
Reply with quote

:-\

I feel terribly sorry for mentioning the multiple message stuff.

Keep up the great work with this board software.

Regards
Logged

Pages: 1 2 3 [4] 5 6 ... 12 Reply Ignore Print 
YaBB SE Community  |  YaBB SE Info  |  News From the YaBB SE Team  |  SECURITY FIX! Users using any version prior to 1.5.1 « previous - next »
 


Powered by MySQL Powered by PHP YaBB SE Community | Powered by YaBB SE
© 2001-2003, YaBB SE Dev Team. All Rights Reserved.
SMF 2.1.4 © 2023, Simple Machines
Valid XHTML 1.0! Valid CSS

Page created in 0.048 seconds with 19 queries.