Bookmark and Share
About
Features
Blog
Documentation
Support
Welcome Guest Search | Active Topics | Members | Log In | Register

2 Pages12>
YAF v1.9.1 FINAL for .NET v2.0 Framework (Dated 9/1/2007)
Options View
Previous Topic Next Topic
Jaben Offline
#1 Posted : Tuesday, September 04, 2007 12:42:01 AM

Rank: YAF Head Dude

Medals: Medal of Honor Key: Given to pillars of the community who are key players in the YAF community and project.Medal of Honor for the Support King: Given to a community member who tirelessly answers tons of support questions.

Joined: 10/9/2004
Posts: 4,009
Location: Asheville, NC

Thanks: 20 times
Was thanked: 48 time(s) in 31 post(s)
YAF v1.9.1 FINAL (Dated 9/1/2007)

This version is no longer available for download.
"I have a simple philosophy: Fill what's empty. Empty what's full. Scratch where it itches.”.
Back to top
BLOG MSN AIM YAHOO ICQ XMPP SKYPE
Report? Edit by user
ina Offline
#2 Posted : Tuesday, September 04, 2007 9:07:26 PM
Rank: YAF Forumling

Joined: 9/4/2007
Posts: 7
Location: Tübingen, Germany

Thanks: 0 times
Was thanked: 0 time(s) in 0 post(s)
you forgot Intelligencia.UrlRewriter.dll in the BIN distribution ...
Back to top
MSN AIM YAHOO ICQ XMPP SKYPE
Report?
Jaben Offline
#3 Posted : Wednesday, September 05, 2007 3:52:29 PM

Rank: YAF Head Dude

Medals: Medal of Honor Key: Given to pillars of the community who are key players in the YAF community and project.Medal of Honor for the Support King: Given to a community member who tirelessly answers tons of support questions.

Joined: 10/9/2004
Posts: 4,009
Location: Asheville, NC

Thanks: 20 times
Was thanked: 48 time(s) in 31 post(s)
Oops! I'll fix that immediately.
"I have a simple philosophy: Fill what's empty. Empty what's full. Scratch where it itches.”.
Back to top
BLOG MSN AIM YAHOO ICQ XMPP SKYPE
Report?
Jaben Offline
#4 Posted : Wednesday, September 05, 2007 8:32:14 PM

Rank: YAF Head Dude

Medals: Medal of Honor Key: Given to pillars of the community who are key players in the YAF community and project.Medal of Honor for the Support King: Given to a community member who tirelessly answers tons of support questions.

Joined: 10/9/2004
Posts: 4,009
Location: Asheville, NC

Thanks: 20 times
Was thanked: 48 time(s) in 31 post(s)
Please download again as the .dll is in the distribution now.
"I have a simple philosophy: Fill what's empty. Empty what's full. Scratch where it itches.”.
Back to top
BLOG MSN AIM YAHOO ICQ XMPP SKYPE
Report?
Jaben Offline
#5 Posted : Thursday, September 06, 2007 8:41:50 PM

Rank: YAF Head Dude

Medals: Medal of Honor Key: Given to pillars of the community who are key players in the YAF community and project.Medal of Honor for the Support King: Given to a community member who tirelessly answers tons of support questions.

Joined: 10/9/2004
Posts: 4,009
Location: Asheville, NC

Thanks: 20 times
Was thanked: 48 time(s) in 31 post(s)
Distributions have been updated with new UrlRewriter.config files to fix the issue with moderated forums.
"I have a simple philosophy: Fill what's empty. Empty what's full. Scratch where it itches.”.
Back to top
BLOG MSN AIM YAHOO ICQ XMPP SKYPE
Report?
LaB Offline
#6 Posted : Friday, September 07, 2007 1:53:01 AM
Rank: Advanced Member

Joined: 8/8/2006
Posts: 33

Thanks: 0 times
Was thanked: 0 time(s) in 0 post(s)
You might want to address the fact that netdevilz.org have hacked forum.yetanotherforum.net, and are currently spamming all members...

so much for "Stable and secure enough for a production environment" Sad
Back to top
WWW MSN AIM YAHOO ICQ XMPP SKYPE
Report?
filip_cmr Offline
#7 Posted : Friday, September 07, 2007 2:07:19 AM

Rank: YAF Lover

Joined: 2/12/2006
Posts: 45
Location: Romania

Thanks: 0 times
Was thanked: 0 time(s) in 0 post(s)
there is a meta tag : <META HTTP-EQUIV="Refresh" CONTENT="0; url=http://netdevilz.org/yet.html">. I think there is missing a check for meta tags.
Back to top
WWW MSN AIM YAHOO ICQ XMPP SKYPE
Report?
Ederon Offline
#8 Posted : Friday, September 07, 2007 2:08:09 AM


Rank: YAF Developer

Medals: Medal of Honor Key: Given to pillars of the community who are key players in the YAF community and project.Medal of Honor for the Support Knight: Given to a community member who has answered lots of support questions.

Joined: 1/7/2007
Posts: 1,205
Location: Heart of Europe

Thanks: 1 times
Was thanked: 10 time(s) in 8 post(s)
Quote:
so much for "Stable and secure enough for a production environment" Sad

It's too early to judge. There are few possibilities how this happen - one is bug in YAF, another is stolen/broken identity. My guess it the second.
When I post FP:Ederon in a topic, I'm leaving my footprint there so I can track it once I get into coding/supporting.
Back to top
WWW MSN AIM YAHOO ICQ XMPP SKYPE
Report? Edit by user
LaB Offline
#9 Posted : Friday, September 07, 2007 3:21:44 AM
Rank: Advanced Member

Joined: 8/8/2006
Posts: 33

Thanks: 0 times
Was thanked: 0 time(s) in 0 post(s)
Ederon wrote:
It's too early to judge. There are few possibilities how this happen - one is bug in YAF, another is stolen/broken identity. My guess it the second.


So they stole the main admin account? They must have to fit your theory, since the forums have been renamed as well...
Back to top
WWW MSN AIM YAHOO ICQ XMPP SKYPE
Report?
Jaben Offline
#10 Posted : Friday, September 07, 2007 4:16:32 PM

Rank: YAF Head Dude

Medals: Medal of Honor Key: Given to pillars of the community who are key players in the YAF community and project.Medal of Honor for the Support King: Given to a community member who tirelessly answers tons of support questions.

Joined: 10/9/2004
Posts: 4,009
Location: Asheville, NC

Thanks: 20 times
Was thanked: 48 time(s) in 31 post(s)
I've evaluated the logs. They weren't really trying to be sneaky or anything. They didn't change my password or reset admin account. Still investigating.
"I have a simple philosophy: Fill what's empty. Empty what's full. Scratch where it itches.”.
Back to top
BLOG MSN AIM YAHOO ICQ XMPP SKYPE
Report?
Jaben Offline
#11 Posted : Friday, September 07, 2007 4:58:03 PM

Rank: YAF Head Dude

Medals: Medal of Honor Key: Given to pillars of the community who are key players in the YAF community and project.Medal of Honor for the Support King: Given to a community member who tirelessly answers tons of support questions.

Joined: 10/9/2004
Posts: 4,009
Location: Asheville, NC

Thanks: 20 times
Was thanked: 48 time(s) in 31 post(s)
Remember folks: account passwords are hashed. I looked at their access and they only went to the admin_mail section (that's why everyone got e-mails) and modified the one forum ("lol"Wink. They didn't get e-mail addresses or usernames.

That wasn't their goal: They were just here to demonstrate that they hacked the site.

Of course, admin passwords have been changed.
"I have a simple philosophy: Fill what's empty. Empty what's full. Scratch where it itches.”.
Back to top
BLOG MSN AIM YAHOO ICQ XMPP SKYPE
Report? Edit by user
Exiton Offline
#12 Posted : Saturday, September 08, 2007 2:13:45 PM

Rank: Member

Joined: 4/13/2007
Posts: 10
Location: Moldova

Thanks: 0 times
Was thanked: 0 time(s) in 0 post(s)
Can that happen with any other YAF.NET forum?
Hooter girls dig me!
Back to top
WWW MSN AIM YAHOO ICQ XMPP SKYPE
Report?
Ederon Offline
#13 Posted : Saturday, September 08, 2007 9:44:07 PM


Rank: YAF Developer

Medals: Medal of Honor Key: Given to pillars of the community who are key players in the YAF community and project.Medal of Honor for the Support Knight: Given to a community member who has answered lots of support questions.

Joined: 1/7/2007
Posts: 1,205
Location: Heart of Europe

Thanks: 1 times
Was thanked: 10 time(s) in 8 post(s)
Exiton wrote:
Can that happen with any other YAF.NET forum?

Yes, as long as you leave out of box machine key setting in web.config as it is. You should always generate your own, so hackers (or any potential attackers) does not have key to your secret chambers.
When I post FP:Ederon in a topic, I'm leaving my footprint there so I can track it once I get into coding/supporting.
Back to top
WWW MSN AIM YAHOO ICQ XMPP SKYPE
Report?
Jaben Offline
#14 Posted : Monday, September 10, 2007 10:11:55 PM

Rank: YAF Head Dude

Medals: Medal of Honor Key: Given to pillars of the community who are key players in the YAF community and project.Medal of Honor for the Support King: Given to a community member who tirelessly answers tons of support questions.

Joined: 10/9/2004
Posts: 4,009
Location: Asheville, NC

Thanks: 20 times
Was thanked: 48 time(s) in 31 post(s)
Exiton wrote:
Can that happen with any other YAF.NET forum?

Please download and install v1.9.1.1. It fixes a few different security issues.
"I have a simple philosophy: Fill what's empty. Empty what's full. Scratch where it itches.”.
Back to top
BLOG MSN AIM YAHOO ICQ XMPP SKYPE
Report? Edit by user
Exiton Offline
#15 Posted : Saturday, September 15, 2007 12:37:49 PM

Rank: Member

Joined: 4/13/2007
Posts: 10
Location: Moldova

Thanks: 0 times
Was thanked: 0 time(s) in 0 post(s)
Upgraded.

Thank you.
Hooter girls dig me!
Back to top
WWW MSN AIM YAHOO ICQ XMPP SKYPE
Report?
Users browsing this topic
Guest (2)
2 Pages12>
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.

Clean Slate theme by Jaben Cargman (Tiny Gecko)
Powered by YAF 1.9.4 RC2 | YAF © 2003-2010, Yet Another Forum.NET