Comments on: WMF vulnerability http://www.mattcutts.com/blog/wmf-vulnerability/ neat fun stuff Sat, 21 Nov 2009 05:33:38 -0800 http://wordpress.org/?v=2.8.5 hourly 1 By: john http://www.mattcutts.com/blog/wmf-vulnerability/#comment-103819 john Fri, 04 May 2007 04:34:00 +0000 http://www.mattcutts.com/blog/?p=148#comment-103819 Additional info: According to: (which I found via Google) http://snort.iatp.by/acid/acid_qry_alert.php?submit=%236-(2-507)&sort_order= the code leads to a page on this site: (which has a GPR = 5) http://www.red.by What is the point of this? How can this code be of any use against email spamming as suggested above? Additional info:

According to: (which I found via Google)
http://snort.iatp.by/acid/acid_qry_alert.php?submit=%236-(2-507)&sort_order=
the code leads to a page on this site: (which has a GPR = 5)
http://www.red.by

What is the point of this?
How can this code be of any use against email spamming as suggested above?

]]> By: Aaron http://www.mattcutts.com/blog/wmf-vulnerability/#comment-93564 Aaron Fri, 12 Jan 2007 05:46:17 +0000 http://www.mattcutts.com/blog/?p=148#comment-93564 Funny enough for the past couple weeks I've been searching for a good mathematics site to update my limited math's skills. Thanks,sosmath.com looks to be jus what the doctor ordered. Its funny how sometimes you find exactly what youre looking for in the most unlikely of places. Funny enough for the past couple weeks I’ve been searching for a good
mathematics site to update my limited math’s skills.

Thanks,sosmath.com looks to be jus what the doctor ordered.
Its funny how sometimes you find exactly what youre looking for
in the most unlikely of places.

]]> By: IncrediBILL http://www.mattcutts.com/blog/wmf-vulnerability/#comment-93522 IncrediBILL Thu, 11 Jan 2007 22:08:12 +0000 http://www.mattcutts.com/blog/?p=148#comment-93522 I'm mildly amused that many of the people responding to this thread think the only sites that have these types of scripts in them are those "bad sites" from the "other side of the web". Hate to burst all your bubbles (not really) but many of the sites with these scripts in them have been breached, or the <a href="http://incredibill.blogspot.com/2007/01/multiple-shared-servers-hacked-at.html" rel="nofollow">entire shared server has been breached</a>. Hundreds of innocent sites infected and nothing is being done about it by anyone. I’m mildly amused that many of the people responding to this thread think the only sites that have these types of scripts in them are those “bad sites” from the “other side of the web”.

Hate to burst all your bubbles (not really) but many of the sites with these scripts in them have been breached, or the entire shared server has been breached. Hundreds of innocent sites infected and nothing is being done about it by anyone.

]]> By: queenli http://www.mattcutts.com/blog/wmf-vulnerability/#comment-25306 queenli Mon, 08 May 2006 01:27:03 +0000 http://www.mattcutts.com/blog/?p=148#comment-25306 ABC Amber Image Converter , The software supports a batch conversion, a run from command line, more than 50 languages and comes with an embedded viewer. Batch conversion ability allows you to convert a unlimited number of images at a time. http://www.yaodownload.com/video-design/imagecompression/abc-image-converter_imagecompression.htm ABC Amber Image Converter , The software supports a batch conversion, a run from command line, more than 50 languages and comes with an embedded viewer. Batch conversion ability allows you to convert a unlimited number of images at a time.

http://www.yaodownload.com/video-design/imagecompression/abc-image-converter_imagecompression.htm

]]> By: Mike C. http://www.mattcutts.com/blog/wmf-vulnerability/#comment-10999 Mike C. Mon, 23 Jan 2006 16:26:23 +0000 http://www.mattcutts.com/blog/?p=148#comment-10999 RE the SOSMath disappearance: I don't see how those two pages shown (the ones with ads) are violations of the webmaster guidelines. Perhaps I've not read it carefully enough. What part of the guidelines cover this particular offense? What scares me (as a webmaster for a small group of web sites) is that I will unknowingly commit an error of this kind.. Google really should try to find a way to communicate the nature of an offense to a webmaster - I know that G wants to prevent hacking the algo, but this is really bad - having a site drop out of G's index without the webmaster knowing what caused it is just scary. And I would think it tends to build up animosity from webmasters who are not really trying to game the system. RE the SOSMath disappearance: I don’t see how those two pages shown (the ones with ads) are violations of the webmaster guidelines. Perhaps I’ve not read it carefully enough. What part of the guidelines cover this particular offense?

What scares me (as a webmaster for a small group of web sites) is that I will unknowingly commit an error of this kind..

Google really should try to find a way to communicate the nature of an offense to a webmaster – I know that G wants to prevent hacking the algo, but this is really bad – having a site drop out of G’s index without the webmaster knowing what caused it is just scary. And I would think it tends to build up animosity from webmasters who are not really trying to game the system.

]]> By: M.A. Khamsi http://www.mattcutts.com/blog/wmf-vulnerability/#comment-9477 M.A. Khamsi Mon, 09 Jan 2006 06:31:46 +0000 http://www.mattcutts.com/blog/?p=148#comment-9477 Hi, I agree with Elizabeth that it was a poor marketing decision. For more on this is ssue please go to: http://www.mattcutts.com/blog/directory-of-home-page-widgets/#comment-9299 By the way I am one of the three creators of SOSMATH. Cheers, Mohamed Hi,
I agree with Elizabeth that it was a poor marketing decision. For more on this is ssue please go to:
http://www.mattcutts.com/blog/directory-of-home-page-widgets/#comment-9299
By the way I am one of the three creators of SOSMATH.
Cheers,
Mohamed

]]> By: Elizabeth http://www.mattcutts.com/blog/wmf-vulnerability/#comment-8296 Elizabeth Wed, 04 Jan 2006 20:38:16 +0000 http://www.mattcutts.com/blog/?p=148#comment-8296 Matt, Thank you for the info. I agree that the "payday loans" pages, entirely off-topic for the site, could easily have lead to the entire site having been banned. While it's disappointing that this otherwise-valuable educational site made such a poor marketing decision, it's reassuring to me personally, since I would never degrade my site in this manner. I'd been concerned that my educational site might accidentally be banned, and now I know that I needn't be worried. Thank you! Matt,

Thank you for the info. I agree that the “payday loans” pages, entirely off-topic for the site, could easily have lead to the entire site having been banned.

While it’s disappointing that this otherwise-valuable educational site made such a poor marketing decision, it’s reassuring to me personally, since I would never degrade my site in this manner. I’d been concerned that my educational site might accidentally be banned, and now I know that I needn’t be worried.

Thank you!

]]> By: Matt http://www.mattcutts.com/blog/wmf-vulnerability/#comment-8174 Matt Wed, 04 Jan 2006 07:29:34 +0000 http://www.mattcutts.com/blog/?p=148#comment-8174 Elizabeth, check the most recent archive.org version of the sosmath.com home page. Here ya go: http://web.archive.org/web/20050329015405/http://www.sosmath.com/ Note on the left-hand side at the bottom of the column: "Featured Loans: Payday loans" then start clicking. I believe sosmath.com was selling text pages and link on its site. Elizabeth, check the most recent archive.org version of the sosmath.com home page. Here ya go:
http://web.archive.org/web/20050329015405/http://www.sosmath.com/

Note on the left-hand side at the bottom of the column:
“Featured Loans:
Payday loans”

then start clicking. I believe sosmath.com was selling text pages and link on its site.

]]> By: Brian http://www.mattcutts.com/blog/wmf-vulnerability/#comment-8162 Brian Wed, 04 Jan 2006 02:57:15 +0000 http://www.mattcutts.com/blog/?p=148#comment-8162 Note that some software may re-register shimgvw.dll when it doesn't see it there, so another workaround is to both unregister it, as Matt described above, and then rename the file to maybe something like shimgvw.dll.dead Note that some software may re-register shimgvw.dll when it doesn’t see it there, so another workaround is to both unregister it, as Matt described above, and then rename the file to maybe something like shimgvw.dll.dead

]]> By: Michael http://www.mattcutts.com/blog/wmf-vulnerability/#comment-8161 Michael Wed, 04 Jan 2006 02:19:22 +0000 http://www.mattcutts.com/blog/?p=148#comment-8161 hi, a friend's website was hacked recently (hosted by ipowerweb). The hackers inserted an iframe at the top of the site's index.php. The iframe pointed to a wmf file with the exploit. The site - trust4free.ws(do not go to this site) is currently listed in Googles index. hi, a friend’s website was hacked recently (hosted by ipowerweb). The hackers inserted an iframe at the top of the site’s index.php. The iframe pointed to a wmf file with the exploit. The site – trust4free.ws(do not go to this site) is currently listed in Googles index.

]]>