home
Morrowind
Terms of Service | Privacy Policy
Copyright © 2024 Robin Scott. All rights reserved.

Bad page redirect using "tesnexus.com" domain

  • Comment
More articles
Hi folks,

It came to my attention today that people have been having trouble accessing TESNexus recently via the domain "tesnexus.com" without the "www" at the beginning. Sure enough when I tried to access the site via "tesnexus.com" instead of "www.tesnexus.com" I was redirected to a bad splash page website.

Astute forum member yoyohobo665 investigated the issue and found that there is a vulnerability in Windows XP and lower "that could allow spoofing", i.e. the redirection of legitimate traffic to bad places by bad people. There is a hot fix out and if you're a regular windows update user you will probably already have this fix, but if you don't use windows update or if you're a naughty person there is a downloadable version for XP available here. This fix does not check for legitimate XP installs. If you use an operating system other than XP (I believe Vista is safe) then you can find relavent downloads at this microsoft page.

I'm unsure at this time whether this issue is server side (i.e. an issue I have to fix), client side (i.e. an issue you have to fix) or both. What I do know is that this issue is resolved via the hot fix Microsoft have released and I am inquiring about whether I need to be doing anything my end.

Update:
I have investigated this issue and have patched up the server accordingly. Windows users (not including Vista) are still recommended to install the hotfix provided and please let me know if you experience the issue again.

8 comments

  1. Ihoe
    Ihoe
    • member
    • 48 kudos
    Thanks to yoyohobo665 and Dark0ne for this message.how ever the problem didn't happen for me as I use fire fox.I believe it helped people using the site.
  2. Sharkull
    Sharkull
    • member
    • 14 kudos
    ZoneAlarm firewall users beware: update your ZA before applying the MS patch or you won't be able to connect to the 'net afterwards (happened to me weeks ago).
    http://blog.washingtonpost.com/securityfix...xes_micros.html
  3. Morrowgamer
    Morrowgamer
    • premium
    • 0 kudos
    I am a user of Windows Vista and was also getting the "bad splash" page. Just thought i would bring this to your attention if that changes the problem at all.

    BTW... I only got the Splash page by using tesnexus.com instead of www.tesnexus.com 75% of the time. Im guessing this means that the Splash is programmed for random or somthing. And i actualy got the splash when i used www.tesnexus.com as well.
  4. aragonit
    aragonit
    • premium
    • 53 kudos
    I'm using XP 64bit and my system is not affected by this exploit, I'm using Flashpeak Slimbrowser, which is based on IE
  5. bfkdarthrevan
    bfkdarthrevan
    • member
    • 2 kudos
    Some people never give up, however maybe it could be the connection type itself since I'm using the XP SP2 and I've never been re-directed. However thank God that there are devoted members like yoyohobo
  6. crucifixio
    crucifixio
    • premium
    • 1 kudos
    I'm running Windows XP SP3 w/ Firefox 3.0.1. I typed in "tesnexus.com" and it went to the right page. I guess my setup is fine. Do you know if the people who were have this problem when using IE? I have IE7, but I don't use it much since I have IE tab for websites such as NKO that seem to only really work w/ IE.
  7. yoyohobo665
    yoyohobo665
    • premium
    • 51 kudos
    Haha I bet Dark0ne totally gave me a kudo. <img class="> Anyway, all has been well so the fix worked and is still working. I don't really think it was server-side, but I'm no expert. How would you go about finding it, if it is server-side? Hope this gets fixed for everyone.
  8. Xzen
    Xzen
    • supporter
    • 19 kudos
    I just checked with my Vista install which is current with the latest patches and TESNexus loads up fine. So Vista is safe.

    Out of curiosity, I tried doing the same with Opera. The website loads fine.

    Oh well, I hope the above helps anyone out there.

    Later.