1 (edited by snowman 2006-03-01 01:09)

Topic: Mail Bomb Exploit and Fix

Post deleted.

Re: Mail Bomb Exploit and Fix

Edit that post, and e-mail using the link on the main forum page dude.

Through the awful grace of God

"Dude, CSS and XHTML are like two boys who are deeply in love.  They're perfect for each other, but no one can acccept it."

3 (edited by Smartys 2006-02-25 13:34)

Re: Mail Bomb Exploit and Fix

Bradyn wrote:

Edit that post, and e-mail using the link on the main forum page dude.

It isn't a security bug wink
All he's saying is that I can hit refresh on the form on the forgot password change and get it to send as many emails as I want. That seems to be a very popular type of "bug" recently with PunBB: I guess that means anything really serious has been taken care of tongue

snowman wrote:

Use a secret code generated by the server.

Except PunBB doesn't use sessions at all wink

Edit: I just double checked and phpBB and vB suffer from the same issue wink

Re: Mail Bomb Exploit and Fix

Mailbombing sounds dangerous, sir.

Kinda like.

Bomb.

Err...

Kay.

Through the awful grace of God

"Dude, CSS and XHTML are like two boys who are deeply in love.  They're perfect for each other, but no one can acccept it."