reply button, SD command injection.

[firewalz]

FYI,
When replying to a thread, I am getting blocked through smart defense command injection

Number: 246535
Date: 22Aug2006
Time: 8:52:17
Product: SmartDefense
Interface: eth0
Origin: ngx-1
Type: Log
Action: Reject
Protocol: tcp
Service: http (80)
Source: xxxxxxx
Destination: ns1.informationengine.org (209.59.197.93)
Source Port: 1497
Attack Name: Command Injection
Information: reason: WSE0050002 command injection detected in request: 'ftp'
resource: http://209.59.197.93/forums/newreply.php

[BarryStiefel]

Quote:

Originally Posted by firewalz

FYI,
When replying to a thread, I am getting blocked through smart defense command injection

Number: 246535
Date: 22Aug2006
Time: 8:52:17
Product: SmartDefense
Interface: eth0
Origin: ngx-1
Type: Log
Action: Reject
Protocol: tcp
Service: http (80)
Source: xxxxxxx
Destination: ns1.informationengine.org (209.59.197.93)
Source Port: 1497
Attack Name: Command Injection
Information: reason: WSE0050002 command injection detected in request: 'ftp'
resource: http://209.59.197.93/forums/newreply.php

I have no idea why this is occuring. We're using the tried and true vBulletin discussion board software and this is the first I've heard of this.

Is it still happening?

vBulletin does have a small upgrade available (to 3.6.1) that I haven't installed yet. This may help.