Announcement

Collapse
No announcement yet.

0day exploit on 4.x.x and 5.x.x?

Collapse
This topic is closed.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • 0day exploit on 4.x.x and 5.x.x?

    DEF CON just announced on their Facebook that they have closed their vBulletin forums due to there being a possible 0day exploit. They linked to an article at The Hacker News (http://thehackernews.com/2013/11/vBu...erability.html), which states Macrumors.com vBulletin's CMS was compromised.

    I'm disabling my site as well until we get official word from vBulletin on this issue (more details in the article above).

  • #2
    This is serious!! vB need to find out all they can ASAP
    environment: Centos 6.9, Apache v2.4.25, PHP 5.6.30/xCache, MariaDB 10.22 -- vB5 Connect Licensed

    AusPhotography - Australia's Premier Photographic Forum vB4.2.3
    Rick (site owner) and Kym (site tech) sharing this account

    Comment


    • AusPhotography
      AusPhotography commented
      Editing a comment
      I've PM Wayne Luke and Paul M

  • #3
    Should we be shutting down our forums pending a patch? 

    Comment


    • #4
      My 2 forums were both hacked. I have had to delete them.

      Comment


      • #5
        Originally posted by PI Guy View Post
        My 2 forums were both hacked. I have had to delete them.
        What versions of vbulletin are you using?

        Comment


        • #6
          Originally posted by CoolRob View Post
          DEF CON just announced on their Facebook that they have closed their vBulletin forums due to there being a possible 0day exploit. They linked to an article at The Hacker News (http://thehackernews.com/2013/11/vBu...erability.html), which states Macrumors.com vBulletin's CMS was compromised.

          I'm disabling my site as well until we get official word from vBulletin on this issue (more details in the article above).
          MacRumors was using an old version of vBulletin 3.X...

          If you follow our previous advice of deleting your install folder in vBulletin 4 and 5, then you're not at risk.
          Translations provided by Google.

          Wayne Luke
          The Rabid Badger - a vBulletin Cloud customization and demonstration site.
          vBulletin 5 Documentation - Updated every Friday. Report issues here.
          vBulletin 5 API - Full / Mobile
          I am not currently available for vB Messenger Chats.

          Comment

          widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
          Working...
          X