PDA

View Full Version : Have admin seen / or heard about this 0 day exploit for Vbulletin??



Speedy Gonzales
19-11-2013, 12:05 PM
Here (http://www.informationweek.com/security/attacks-and-breaches/vbulletincom-hacked-customer-data-stolen/d/d-id/1112660)

Looks like it affects 4.xx and 5.xx of vbulletin

We found a critical vulnerability in vBulletin all versions 4.x.x and 5..x," read the group's Facebook post

bevy121
19-11-2013, 12:35 PM
all vBulletin license holders got emails regarding this issue
I got mine 2 days ago...

Whether this turns out to be a "problem" for forums, we'll have to wait and see.



In fact - I just checked now, and there is an update from Wayne now.....



Regarding claims of New 0-Day Exploits in vBulletin.
Today, 12:15pm
Given our analysis of the evidence provided by the Inject0r team, we do not believe that they have uncovered a 0-day vulnerability in vBulletin.

These hackers were able to compromise an insecure system that was used for testing vBulletin mobile applications. The best defense against potential compromises is to keep your system running on the very latest patch release of the software.

Regards,
Wayne Luke.