Context Navigation

Modify ↓

#3684 closed defect (worksforme)

Susceptible to spammy redirects

Reported by:	anonymous	Owned by:	Christian Boos
Priority:	high	Milestone:
Component:	ticket system	Version:	0.9.6
Severity:	major	Keywords:
Cc:		Branch:
Release Notes:
API Changes:
Internal Changes:

Description

Spammers upload attachments, then spamvertize them (typically comment spamming on blogs etc) with ?format=raw behind the URL. Then the redirects work.

Spammy redirects using holes in software is the new spam technique, and needs to be plugged wherever the hole is used.

Details here: http://spamhuntress.com/2006/09/07/trac-ticket-system-susceptible-to-redirects/

Attachments (0)

Change History (2)

comment:1 by Christian Boos, 18 years ago

Keywords:	needinfo added
Milestone:	→ 0.10
Owner:	changed from Jonas Borgström to Christian Boos

Live from irc:

<cboos> actually, when I tried to see them, I could see the source, but trying to view the "Original Format" redirected me to some other point in the web… The spam html files did contain <script> tags, and the javascript code must have done the redirect <cboos> … so probably lighthttpd has the render_unsafe_content flag set to true … or there's a problem with that part of the code

We should check whether the render_unsafe_content TracIni#attachment flag works as expected.

comment:2 by Matthew Good, 18 years ago

Keywords:	needinfo removed
Milestone:	0.10
Resolution:	→ worksforme
Status:	new → closed

I just verified with one of the Lighttpd admins that render_unsafe_content was set to true, so this just seems to be a config issue.

Modify Ticket

Change Properties

Summary:
Description:	Spammers upload attachments, then spamvertize them (typically comment spamming on blogs etc) with ?format=raw behind the URL. Then the redirects work. Spammy redirects using holes in software is the new spam technique, and needs to be plugged wherever the hole is used. Details here: http://spamhuntress.com/2006/09/07/trac-ticket-system-susceptible-to-redirects/ You may use WikiFormatting here.
Type:		Priority:
Milestone:		Component:
Version:		Severity:
Keywords:		Cc:	Set your email in Preferences
Branch:
Release Notes:
API Changes:
Internal Changes:

Action

leave as closed The owner will remain Christian Boos.

reopen The resolution will be deleted. Next status will be 'reopened'.

change ownership to The owner will be changed from Christian Boos to the specified user.

Add Comment

Your email or username:

E-mail address and name can be saved in the Preferences .

You may use WikiFormatting here.

Attachments ↑ Description ↑

Note: See TracTickets for help on using tickets.

Download in other formats: