apollo12

Security Problem ?

16 posts in this topic

Sorry if someone has already brought this up,but evidently there is a problem with V Bullletin,version 3.8.6

I guess we are allright,'cause we are using,it says at bottom of page, version

3.8.5 ?

Anyway,here's the source.................

http://www.bbc.co.uk/news/technology-10714192

Share this post


Link to post
Share on other sites
Sorry if someone has already brought this up,but evidently there is a problem with V Bullletin,version 3.8.6

I guess we are allright,'cause we are using,it says at bottom of page, version

3.8.5 ?

Anyway,here's the source.................

http://www.bbc.co.uk/news/technology-10714192

I was just about to post the same link.

Share this post


Link to post
Share on other sites

Let's hope so - the flaw in the newest version sounds like it was simple to hack into it and obtain the administrator password.

Share this post


Link to post
Share on other sites

Agreed,slightly surprised to see so little response,thought I might either get alot of "nuthin to worry about" or "oh gawd".......didn't think it would be nearly nuffin !

Share this post


Link to post
Share on other sites

Have only just seen yur post - very important to signal such things but have you considered contacting Galahad directly to alert him to this?

It is entirely possible/likely he is already aware but you never know.

Share this post


Link to post
Share on other sites

Ummm,thought it might have been noticed by mods,who might pass it on,anyway,its evidently the newer version that might be dodgy ?

Also,not sure how to contact Galahad direct as it were..........?

Share this post


Link to post
Share on other sites

for a ha'peth of tar......................

Hackers are pernicious little sod's,

It wasn't so long ago another punting site (PL) was hacked for the sake af a line of code in phpbb that should have been changed.

I had my whole www. folder hacked automatically by installing and not updating wordpress. (mysql injection ) 8000 Japanese cartoon sex links on every page and folder placed intomy main website root. Thats why I need more than one site! That was 3 years ago, I've even moved servers but google has a hellish long memory and wreaks robot like revenge on all who transgress. They don't care if it was a hack or not. You are wiped out until you grovel enough to be allowed back but are then penalised on certain search terms because of your( the hackers) "spamming" history.

I keep my main site on a different account to my other sites now and dont allow any databases or injectable code.

Updating is crucial as is backing up -not doing so could wipe you out.

I'm sure galahad will be gladihad.

Share this post


Link to post
Share on other sites
Ummm,thought it might have been noticed by mods,who might pass it on,anyway,its evidently the newer version that might be dodgy ?

Also,not sure how to contact Galahad direct as it were..........?

Everything is ok thanks.

Share this post


Link to post
Share on other sites
Everything is ok thanks.

Ok,good to hear................I also noticed,another web site which IS using the newer DODGY version...............you would think they might have noticed ,as its nothin to do with sex................but ELECTONICS DOH :rolleyes:

Share this post


Link to post
Share on other sites
for a ha'peth of tar......................

Hackers are pernicious little sod's,

It wasn't so long ago another punting site (PL) was hacked for the sake af a line of code in phpbb that should have been changed.

I had my whole www. folder hacked automatically by installing and not updating wordpress. (mysql injection ) 8000 Japanese cartoon sex links on every page and folder placed intomy main website root. Thats why I need more than one site! That was 3 years ago, I've even moved servers but google has a hellish long memory and wreaks robot like revenge on all who transgress. They don't care if it was a hack or not. You are wiped out until you grovel enough to be allowed back but are then penalised on certain search terms because of your( the hackers) "spamming" history.

.

Very interesting to read even though most of the above para,made as much sense to me as a Chinese (or even Japanese!) telephone directory...................even more DOH:rolleyes:

Share this post


Link to post
Share on other sites
Ummm,thought it might have been noticed by mods,who might pass it on,anyway,its evidently the newer version that might be dodgy ?

Also,not sure how to contact Galahad direct as it were..........?

I reported the thread to the mods to highlight it when I first posted.

Share this post


Link to post
Share on other sites

Yes, apologies for not being upfront earlier but as soon as Thunderstruck made his helpful report the Mods checked with Admin who confirmed that he was holding on the earlier non-hackable version until the new edition was properly debugged.

Share this post


Link to post
Share on other sites
Very interesting to read even though most of the above para,made as much sense to me as a Chinese (or even Japanese!) telephone directory...................even more DOH:rolleyes:

Basically and very very simply, there is an arms race between people who build database software which is "writable" to by outsiders...as here and those who would manipulate access to those databases with what is known as "malicious code" a program or code that alters the original - usually for cash profit. often just for the mishevious hell of it.

The damage to a database or website reputation with google depends on who is hacking and why, what they leave and how long it remains.

My wordpress or possibly a plugin or mod on it, was hacked by someone in Korea who inserted links to sites that charge for hentai pics. Japanese cartoons having nookie LOL.

as Google is policed by non thinking spiders it thinks it is the website itself not behaving and will penalise it so losing valuable page rank and in fact being deleted from the google search engine index. Yahoo and everyone else follow.

In other words the website is useless unless you rely on directories.

It takes a hell of a long tiome to convince Google of your honorable intentions but they still seem to mistrust what they think is a misbehaved rule breaking website.

Share this post


Link to post
Share on other sites
Ummm,thought it might have been noticed by mods,who might pass it on,anyway,its evidently the newer version that might be dodgy ?

Also,not sure how to contact Galahad direct as it were..........?

Just for completeness, my concern was that Galahad might have been about to upgrade the system to the latest (and dodgy) version, which would have been a natural thing to do I assume.

No surprise he was ahead of us but better safe than sorry.

Again for completeness I think you can simply find his name like any other forum member and PM him (via Community > Members List in the blue strip above and find his name alphabetically). Sorry if overdoing the handholding but having made nothing of Helen's simplified explanation...

Share this post


Link to post
Share on other sites
Just for completeness, my concern was that Galahad might have been about to upgrade the system to the latest (and dodgy) version, which would have been a natural thing to do I assume.

No surprise he was ahead of us but better safe than sorry.

Again for completeness I think you can simply find his name like any other forum member and PM him (via Community > Members List in the blue strip above and find his name alphabetically). Sorry if overdoing the handholding but having made nothing of Helen's simplified explanation...

Yeah,thats ok,guess I should have thought ahead,or something,and sent him a PM,anyway,better safe then sorry !

Share this post


Link to post
Share on other sites
Basically and very very simply, there is an arms race between people who build database software which is "writable" to by outsiders...as here and those who would manipulate access to those databases with what is known as "malicious code" a program or code that alters the original - usually for cash profit. often just for the mishevious hell of it.

The damage to a database or website reputation with google depends on who is hacking and why, what they leave and how long it remains.

My wordpress or possibly a plugin or mod on it, was hacked by someone in Korea who inserted links to sites that charge for hentai pics. Japanese cartoons having nookie LOL.

.

Thanks for the explanation Helen,yeah Ive seen the odd Japanese animation(those girls sure do have remarkable appendages ;):rolleyes:)

Ok,I get it now more or less,especialy the bit about the spiders on Google.I'll go and have alook at this other site now, (electronics hobbiest etc)the one thats using the Newer version.........I can look at it,but Im not blldy logging in !!!!!!!!!

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now