Announcement

Collapse
No announcement yet.

Winamp.com vBulletin Forum Breach

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Winamp.com vBulletin Forum Breach

    http://forums.winamp.com/showthread.php?t=327366

    Anyone know how this happened and if its related to an open or fixed bug?

  • #2
    Leaks? Smells like delicious reading material. Was there anything juicy reported?
    Winamp dropped balls big time, so I'm not really all that interested about either their giganormously bloated app (that can coincidentally play music) or the forum.

    Comment


    • #3
      I can't find anything juicy.

      What are the chances we could get an official comment from vB that all currently patched forums are unaffected?

      Comment


      • #4
        Originally posted by Fly View Post
        I can't find anything juicy.

        What are the chances we could get an official comment from vB that all currently patched forums are unaffected?
        Was winamp exploited via vbulletin or plugins or something else entirely?

        Comment


        • #5
          Originally posted by traen View Post
          Was winamp exploited via vbulletin or plugins or something else entirely?
          I don't know. Whatever happened, it only affected their forum.

          Comment


          • #6
            If they believe it came through the vBulletin software, they're welcome to contact us. If we don't hear from them, we can assume it came through another method.
            Vote for:

            - *Admin Settable Paid Subscription Reminder Timeframe*
            -
            *PM - Add ability to reply to originator only*
            - Add Admin ability to auto-subscribe users to specific channel(s)
            - Highlight the correct navigation tab when you are on a custom page
            - "Quick Route" Interface...
            - Allow to use custom icons for individual forums

            Comment


            • #7
              Why are they asking users to change their passwords? *frowns*.. granted it is best practice....
              ManagerJosh, Owner of 4 XenForo Licenses, 1 vBulletin Legacy License, 1 Internet Brands Suite License
              Director, WorldSims.org | Gaming Hosting Administrator, SimGames.net, Urban Online Entertainment

              Comment


              • #8
                If they were running an older version which did not have the improved salts, then that would be a good reason. New salts are only generated whne a user updates their password.

                Comment


                • #9
                  In all this, I must say that I commend WinAmp.com for sending out the eMail.
                  I received it yesterday... and although one's initial reaction is "OMG"... in reality, they did the right thing.
                  They were upfront and honest with their community regarding the intrusion.

                  And I share Trevor's opinion: If they haven't contacted vB, then we shouldn't assume it was "through" vB.
                  Disable Block Cache --- y/N
                  Leave this setting alone.

                  Comment

                  widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                  Working...
                  X