Thread: reply button, SD command injection.
View Single Post
  #2 (permalink)  
Old 2006-10-01
BarryStiefel BarryStiefel is offline
Administrator
  
Join Date: 2005-08-11
Location: San Francisco, CA
Posts: 582
Rep Power: 10
BarryStiefel has disabled reputation
Default Re: reply button, SD command injection.
Quote:
Originally Posted by firewalz View Post
FYI,
When replying to a thread, I am getting blocked through smart defense command injection

Number: 246535
Date: 22Aug2006
Time: 8:52:17
Product: SmartDefense
Interface: eth0
Origin: ngx-1
Type: Log
Action: Reject
Protocol: tcp
Service: http (80)
Source: xxxxxxx
Destination: ns1.informationengine.org (209.59.197.93)
Source Port: 1497
Attack Name: Command Injection
Information: reason: WSE0050002 command injection detected in request: 'ftp'
resource: http://209.59.197.93/forums/newreply.php
I have no idea why this is occuring. We're using the tried and true vBulletin discussion board software and this is the first I've heard of this.

Is it still happening?

vBulletin does have a small upgrade available (to 3.6.1) that I haven't installed yet. This may help.
Reply With Quote