Snitz Forums 2000
Snitz Forums 2000
Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
 Password:
Save Password
Forgot your Password?

 All Forums
 Help Groups for Snitz Forums 2000 Users
 Help: General / Classic ASP versions(v3.4.XX)
 Virus attacked		  New Topic  Topic Locked
 Printer Friendly
Previous Page
Author Previous Topic Topic Next Topic
Page: of 2

thelodger
Junior Member

United Kingdom
296 Posts
Posted - 14 June 2009 :  05:39:34  Show Profile
Well looking at it I have found an html file added to our image folder, I have deleted that and changed attributes to that folder, hopefully that has solved it, IU have spoke to out hosts and they assure me that nothing has happened untoward on their side.
Go to Top of Page

ruirib
Snitz Forums Admin

Portugal
26364 Posts
Posted - 14 June 2009 :  05:51:23  Show Profile  Send ruirib a Yahoo! Message
If you are you allowing HTML files to be uploaded to your site, that may well be the entry point.

Snitz 3.4 Readme | Like the support? Support Snitz too
Go to Top of Page

thelodger
Junior Member

United Kingdom
296 Posts
Posted - 14 June 2009 :  06:16:46  Show Profile
No we have html turned off, we do allow forum code.
Go to Top of Page

ruirib
Snitz Forums Admin

Portugal
26364 Posts
Posted - 14 June 2009 :  06:30:16  Show Profile  Send ruirib a Yahoo! Message
I meant through one of the upload mods. You should only allow image files or other files that cannot be used to hack your site.

Snitz 3.4 Readme | Like the support? Support Snitz too
Go to Top of Page

AnonJr
Moderator

United States
5768 Posts
Posted - 14 June 2009 :  13:28:00  Show Profile  Visit AnonJr's Homepage
Random thought (that's all I've had time to have lately...), but is your image upload MOD checking for null bytes in the file name? I know that issue was identified, but I don't know if it ever made it into the current downloads for the MOD.
Go to Top of Page

thelodger
Junior Member

United Kingdom
296 Posts
Posted - 14 June 2009 :  15:24:03  Show Profile
quote:
Originally posted by AnonJr

Random thought (that's all I've had time to have lately...), but is your image upload MOD checking for null bytes in the file name? I know that issue was identified, but I don't know if it ever made it into the current downloads for the MOD.


How would I know that? which file and what should i be looking for?
Go to Top of Page

Shaggy
Support Moderator

Ireland
6780 Posts
Posted - 15 June 2009 :  04:46:23  Show Profile
See here.
Search is your friend
“I was having a mildly paranoid day, mostly due to the
fact that the mad priest lady from over the river had
taken to nailing weasels to my front door again.”
Go to Top of Page

thelodger
Junior Member

United Kingdom
296 Posts
Posted - 15 June 2009 :  13:18:26  Show Profile
Cheers,
The avatar mod did have the fix added so it must have been updated at snitzbits.

But Mike's file attachment mod did not have the fix added, so will need to be changed at snitzbits.

All sorted now, hopefully it will close the door for the spammers on my site.
Go to Top of Page
Page: of 2 Previous Topic Topic Next Topic  
Previous Page
 New Topic  Topic Locked
 Printer Friendly
Jump To:
Snitz Forums 2000 © 2000-2021 Snitz™ Communications Go To Top Of Page
This page was generated in 0.29 seconds. Powered By: Snitz Forums 2000 Version 3.4.07