Pinned
vBulletin.com has been hacked and passwords stolen
Hackers claimed yesterday to have hacked the author of the world's most widely used content management system, vBulletin, having published what appeared to be screenshots of their file system and databases. The hackers also laid claim to the recent macrumors.com forum hack using the same means, in the form of a new and as yet undisclosed vulnerability in vBulletin content management and forum software, although this hasn't been confirmed yet...
Quote:
Inj3ct0r Team hacked vBulletin.com and Macrumors.com
Inj3ct0r Team hacked the big CMS vendor vBulletin.com
We got shell, database and root server. We wanted to prove that nothing in this world is not safe.
We found a critical vulnerability in vBulletin all versions 4.x.x and 5.x.x
We've got upload shell in vBulletin server, download database and got root.
All those wishing to buy a copy of the vulnerability and patch your forum.
Proof images of their shell + database access at vBulletin.com.
Macrumors.com was based on vBulletin CMS. We use 0day exploit on vBulletin, got password moderator. 860000 hacked too.
The network security is a myth.
https://www.facebook.com/inj3ct0rs/posts/611793255548704
Update 1
The latest unofficial statement from a member of staff at Internet Brands, owners of vBulletin, is as follows:
Quote:
They broke into an old stage server, mainly used by QA for test installs of vB4 & vB5.
It's not known exactly how, but at one point there were in the region of 100 old installs on it, so any one of them could have been used.
The best guess from evidence is that they hacked it sometime in late summer, and at some point between then and early October they uploaded Adminer.
They then appear to have cracked a MySQL user password for the Live DB server, and used it (via Adminer) to read the vBulletin.com and vBulletin.org user tables.
After that it appears they moved on (they deleted Adminer). Nothing was known about this until their Facebook post the other day.
Update 2
The log files that were examined do not show any attempted access of customer data in the support system; they basically targeted the vBulletin user table.
Update 3
It appears the authors of the macrumors.com and vBulletin.com hacks were the same but the means were different, contrary to claims.
Note
Several of the posts in this thread were updated as new information about the hack on vBulletin.com became available. Please read the whole thread for complete details on the events of yesterday.
http://www.partyviberadio.com/forums/life/computers-gadgets-technology/forum-software/58595-vbulletin-com-has-been-hacked.html
Pinned
vBulletin 5 from Internet Brands
Will PV be moving forward to VB5 in the near future? I think we should start donating for it now, like the mobile app fund. It looks pretty neat, although it is still in beta test phase.
vBulletin 5 Connect, The World's Leading Community Software
Pinned
Computerworld; vBulletin users warned of potential exploit look here;
IDG News Service - The developers of the popular vBulletin commercial Internet forum software are investigating a potential exploit and advised users to delete the "install" directory from their deployments as a precaution.
"A potential exploit vector has been found in the vBulletin 4.1+ and 5+ installation directories," Wayne Luke, technical support lead at vBulletin Solutions, the company that develops the software, announced this week on the vBulletin community forum. "Our developers are investigating this issue at this time. If deemed necessary we will release the necessary patches."
Luke advised users to delete the 'install' directory from their vBulletin installations in order to mitigate the issue that hasn't yet been disclosed. The directory that should be deleted is "/install" for vBulletin 4.1.x versions and "/core/install" for the 5.x versions.
This directory normally contains the scripts and files used during the original installation process and subsequent upgrades.
In the "Cleaning up after Install" section of the vBulletin manual users are advised to delete all files and subdirectories from the "install" directory as a security precaution. However, they are not advised to delete the directory itself.
It's not clear what the exploit currently being investigated would allow potential attackers to do, but the fact that it prompted an advance warning from the developers suggests that it might have serious implications.
Luke declined to disclose information about the nature of the exploit.
"I am sorry but in the interest of security for our customers, we can not discuss this issue at this time," he said Thursday via email.
"Going back to our logs, we don't see any specific scans for /core/install, but we see constant discovery requests for /install," said Daniel Cid, chief security officer at Sucuri, a company that provides website security monitoring and malware clean-up services, in a blog post. "We don't yet know if that is related to vBulletin or other CMSs [content management systems]."
Attackers are constantly trying to exploit vulnerabilities in popular content management systems in order to break into websites, and while vBulletin does not power as many websites as WordPress, Joomla or some other general-purpose CMS software, it is one of the most popular applications for setting up Internet discussion forums.
According to vBulletin Solutions, over 100,000 community websites are running on vBulletin, including some operated by Zynga, Electronic Arts, Sony Pictures, NASA, Valve Corporation and other well known companies.
In July, hackers broke into UbuntuForums.org, a community website for the Ubuntu Linux distribution with over 1.8 million registered accounts, and managed to access information about users, including email addresses and password hashes. The site was using vBulletin.
"In summary, the root cause was a combination of a compromised individual account and the configuration settings in vBulletin, the Forums application software," Canonical, the company that operates the site, said in a blog post following the incident.
vBulletin users warned of potential exploit - Computerworld
How much does a website’s design matter to you? I'm curious. If you came across a fuggly web site and you think the design's pretty shit, would you still use it? Can content make up for a lack of visual appeal or not? Or are you more of a shallow type who judges things on looks?
ACP News: YUI Security Issue found in uploader.swf #186
It has come to our attention that there is a security issue in the uploader.swf file included as part of the Yahoo User Interface (YUI) library included in vBulletin 4. As the version of YUI included in vBulletin is end-of-lifed, Yahoo will not be fixing this issue. Their recommendation is to remove the file from your server. We recommend that you replace this with an empty file of the same name (attached). What this will do is force vBulletin to use a fallback javascript based uploader which is already provided in your system.
See: http://yuilibrary.com/support/20131111-vulnerability/
The vulnerable file is also present in the vBulletin 5 download package though not used by the vBulletin 5 front-end. We recommend that you delete the file and replace it with the attached file.
We have also updated all download packages for vBulletin 4.X and 5.X with the new empty file.
To resolve this issue take the following steps:
1. Delete uploader.swf located in clientscript/yui/uploader/assets or /core/clientscript/yui/uploader/assets
2. Replace it with the attached file.
Alternatively, you can download the vBulletin package for your version and replace it from that download.
Note: We will not be fixing the vulnerability in the SWF file directly nor do we plan to take any other action on this issue at this time.
http://www.vbulletin.com/forum/forum/vbulletin-announcements/vbulletin-announcements_aa/4014388-yui-security-issue-found-in-uploader-swf
PHPFox Black Friday Sale
PHPFox is community software with a similar look and feel to fb...
Black Friday has arrived and we are giving out a 35% discount voucher for any new licenses you purchase from us.
The discount voucher is: BlackFriday2013
To use the discount voucher simply purchase the product using our online form here: Pricing » PHPFox - Social Networking Script
Once you reach "Step 4" you will find "Discount Voucher" and that is where you can enter the code.
This sale will end on Cyber Monday, December 2nd 2013 at 23.59(11.59 p.m) EST.
ACP News: vBulletin 4.2.2 Now Available – October 8th, 2013 #185
vBulletin 4.2.2 is Now Available!
Today we're announcing the availability of vBulletin 4.2.2. If you have an active vBulletin license, you can download your copy of vBulletin 4.2.2 from the vBulletin Customer Area at: https://members.vbulletin.com
ACP News: vB 4.1.12 PL4, 4.2.0 PL4 & 4.2.1 PL1 Released for Potential XSS in Forum Ru #184
During testing of vBulletin 4.2.2 a potential XSS exploit was found by our QA team in the Forum Runner application.
This issue is fixed in vB4.2.2 & we have released PL updates for 4.2.1, 4.2.0 & 4.1.12.
vBulletin 4.2.1 PL1
vBulletin 4.2.0 PL4
vBulletin 4.1.12 PL4
Note that this only affects the included Forum Runner application, not the main vB4 Forum or Suite.
If you are not using the Forum Runner application on your forum, you will not be affected by this issue.
To patch your forum you can do one of three things.
1. Download the relevant patch for your version, unzip it, and upload the patch files to your server.
2. Download the latest full version of vB4.2.x, unzip and upload the files, and upgrade your forum to the latest version (delete the install folder afterwards).
3. Download the full set of files for your current version, unzip and upload the files to replace all the files on your server (delete the install folder afterwards).
ACP News: vBulletin 5 Connect v5.0.5 is Now Available – Sep 25th, 2013 #183
vBulletin 5.0.5 is Now Available!
Today we're announcing the availability of vBulletin 5 Connect v5.0.5.
If you have an active vBulletin license, you can download your copy of vBulletin 5.0.5 from the vBulletin Customer Area at: https://members.vbulletin.com
Read more here
http://www.vbulletin.com/go/505
ACP News: vBulletin 5 Connect v5.0.4 is Now Available – Aug 1st, 2013 #180
vBulletin 5.0.4 is Now Available!
Today we're announcing the availability of vBulletin 5 Connect v5.0.4.
If you have an active vBulletin license, you can download your copy of vBulletin 5.0.4 from the vBulletin Customer Area at: https://members.vbulletin.com
Read more here
http://www.vbulletin.com/go/504
ACP News: vBulletin 5 Connect Security Patches Released (All versions) #182
A data integrity exploit has been discovered in vBulletin 5. This exploit was discovered by our Quality Assurance team. The issue affects all versions of vBulletin 5 Connect, including 5.0.0, 5.0.1, 5.0.2, 5.0.3, and 5.0.4. We have released security patches for all versions and they are available immediately. It is recommended that you upload the patches to your server immediately.
You can download the patch for your version here: http://members.vbulletin.com/patches.php
Please install the patch immediately.
Installing the Patch
1. Download the patch from https://members.vbulletin.com/patches.php.
2. Extract the vBulletin patches files from the Zip file.
3. Upload the patch files to your server, overwriting the old files.
For additional instructions please see the online documentation at: Upgrade to a Patch Level
Please visit the support forums if you have any questions.
http://www.vbulletin.com/forum/forum/vbulletin-announcements/vbulletin-announcements_aa/3993204-vbulletin-5-connect-security-patches-released-all-versions
ACP News: Potential vBulletin Exploit (vBulletin 4.1+, vBulletin 5+) #181
A potential exploit vector has been found in the vBulletin 4.1+ and 5+ installation directories. Our developers are investigating this issue at this time. If deemed necessary we will release the necessary patches. In order to prevent this issue on your vBulletin sites, it is recommended that you delete the install directory for your installation. The directories that should be deleted are:
4.X - /install/
5.X - /core/install
After deleting these directories your sites cannot be affected by the issues we're currently investigating.
vBulletin 3.X and earlier versions of 4.X would not be affected by these issues. However if you want the best security precautions, you should delete your install directory as well.
http://www.vbulletin.com/forum/forum/vbulletin-announcements/vbulletin-announcements_aa/3991423-potential-vbulletin-exploit-vbulletin-4-1-vbulletin-5
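An added example, not part of the vBulletin announcements or the forum posts: a shell check for the two mitigations described above, the install directories named in the "Potential vBulletin Exploit" notice and the uploader.swf replacement from the YUI notice. The function name `audit_vb_root` and the output format are assumptions of this example, and "empty file" is taken to mean zero bytes.

```shell
#!/bin/sh
# Added example: audit a vBulletin web root for the leftovers named in the
# announcements. Paths come from the announcements; the function name and
# output format are assumptions of this example.

# Prints one finding per line.
# Returns 0 when clean, 1 when anything is found, 2 on a bad argument.
audit_vb_root() {
    root=$1
    found=0

    if [ ! -d "$root" ]; then
        echo "ERROR: $root is not a directory" >&2
        return 2
    fi

    # Install directories: 4.x uses /install, 5.x uses /core/install.
    # The notice asks for the directory itself to be deleted, so an
    # emptied-out directory is still reported.
    for rel in install core/install; do
        if [ -d "$root/$rel" ]; then
            echo "FOUND install directory: $rel"
            found=1
        fi
    done

    # uploader.swf: the notice says to replace it with an empty file, so a
    # missing or zero-byte file passes and a non-empty one is reported.
    for rel in clientscript/yui/uploader/assets/uploader.swf \
               core/clientscript/yui/uploader/assets/uploader.swf; do
        if [ -s "$root/$rel" ]; then
            echo "FOUND non-empty uploader.swf: $rel"
            found=1
        fi
    done

    return "$found"
}

# Audit the directory given on the command line, if any.
if [ "$#" -ge 1 ]; then
    audit_vb_root "$1"
fi
```

The non-zero return on any finding lets the check run from cron or a deployment hook after each upgrade, since upgrades re-upload the install directory.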
Juno’s Affiliates Program
Olly just suggested I sign up for their affiliates program which I've just done. Once we're approved I will start inserting links to them for keywords like music, mp3, etc... :)