You are not logged in.

#1 2013-06-16 10:12 pm

zaphod
Jägermonster
From: USA
Registered: 2008-11-22
Posts: 2,985
Website

ConfigServer.com's exploit scanner is misconfigured.

Currently, one, or several products from ConfigSever.com are identifying ZB Block's signatures.inc file as a known exploit. Their detection is based on content. I (zaphod, author of ZB Block) recommend at this time you do not use their product till this is resolved.

Their contact system for resolution of problems, is at best circumlocutory and requires registration on their forums to lodge a ticket... let's see if they will fix this problem.

Zap hmm


Get Protected, Stay Protected...
With ZB Block, GNU/GPL Freeware Anti-Spam/Anti-Hack protection for your php based website.

Little boxes in the server farm, little boxes running php...

Offline

#2 2013-06-16 10:28 pm

zaphod
Jägermonster
From: USA
Registered: 2008-11-22
Posts: 2,985
Website

Re: ConfigServer.com's exploit scanner is misconfigured.

Just to keep you updated, here is my message to them:

zaphod on ConfigServer.com's board wrote:

Howdy,

I am Zaphod from SpambotSecurity . com (broken to avoid linking by zaphod). I have been distributing a GNU/GPL V2 security suite for PHP websites since 2008 named ZB Block.

As of June 1st, you had an update to either this script, or another, which began misidentifying the signatures.inc file of my script, as a known exploit. Since my script, and this file especially only works off pattern matching, and no acceptance of client input as safe, I do not see how this is.

This behavior of your script is harming users of my script.

Please either reply to me here, on my site's forum, via email, or you can even reach me on StopForumSpam . com's forums so we can resolve this expediently as possible.

Thanks,
Zaphod


Get Protected, Stay Protected...
With ZB Block, GNU/GPL Freeware Anti-Spam/Anti-Hack protection for your php based website.

Little boxes in the server farm, little boxes running php...

Offline

#3 2013-06-18 4:40 am

zaphod
Jägermonster
From: USA
Registered: 2008-11-22
Posts: 2,985
Website

Re: ConfigServer.com's exploit scanner is misconfigured.

Their reply to me:

configserver.com wrote:

Re: Your scanner is misidentifying a file.

Postby ForumAdmin » Mon Jun 17, 2013 1:40 am
Thank you for reporting this and we will investigate. In future, and for any future correspondence, please contact us through xxxxx@waytotheweb.com rather than these community forums.

My reply to them:

zaphod wrote:

Re: Your scanner is misidentifying a file.

Postby zaphod » Mon Jun 17, 2013 1:14 pm
You bet, and thanks for looking into this.

Zap smile

And their final response to me:

configserver.com wrote:

Re: Your scanner is misidentifying a file.

Postby ForumAdmin » Mon Jun 17, 2013 2:31 pm
The fix has been applied in the release we made of the cxs product today.

Beautifully run company.

Situation resolved.

If you use their product, update it, and carry on!

Zap smile


Get Protected, Stay Protected...
With ZB Block, GNU/GPL Freeware Anti-Spam/Anti-Hack protection for your php based website.

Little boxes in the server farm, little boxes running php...

Offline

Board footer

Powered by FluxBB

Close
Close