New WHMCS Exploit

[wlanboy]

another IP to add to your block lists:  46.137.244.223

Time to write an abuse email to Amazon Data Services Ireland Ltd.

 

[Damian]

You guys don't already have Amazon EC2 IP ranges blocked?

 

[NodeBytes]

The problem is that Amazon EC2 has a lot of legitimate users and a whole lot of spammers.

 

[concerto49]

In their defense, if these exploits are all in old code then anything they learn now won't help fix code they wrote days/months/years ago.

Most of these are poor coding practices. They are mistakes that are so obvious. I wouldn't say it's old code. I think it's just how those developers operate. They can continue to patch the problems as they come but doesn't look like the root cause is getting fixed.

 

[TJR]

another????  is this a joke?   http://localhost.re/

does anyone know if that invoice exploit is patched with the new 5.2.12 update?

thank you

 

[Magiobiwan]

The invoice one was supposedly patched in the latest update. 

 

[TJR]

now our credit cards are not processing in the nightly batch with the new patch of the patch of the patch (i.e. v5.2.12)

 

[Francisco]

now our credit cards are not processing in the nightly batch with the new patch of the patch of the patch (i.e. v5.2.12)

I was so confused reading this the first time

Francisco

 

[Damian]

FWIW, our credit cards have been processing fine. What CC gateway are you using? We're using Stripe via ServerPing's module.

I was so confused reading this the first time

Francisco

It's getting to be a bit cat-in-the-hat isn't it? One vuln, two vuln, red vuln, blue vuln.

 

[TJR]

we're using payflow

batch says [SIZE=8.5pt]0 Credit Card Payments Processed (0 Failed)[/SIZE]

also if you click the button to process all overdue invoices, same thing.

you got to hit them one by one and 'attempt capture' errr

 

[SkylarM]

Stripe via ServerPing's module working fine here as well.