cancel
Showing results for 
Search instead for 
Did you mean: 

vBulletin vuln opens backdoor to rogue accounts

Highlighted
Sr. Community Expert Advisor

vBulletin vuln opens backdoor to rogue accounts

The widespread vBulletin CMS has a vulnerability that allows remote attackers to create new administrative accounts.

Back in August, users of versions in the 4.1+ and 5+ series were advised to delete the /install/ or /core/install/ directories (depending on version) as a workaround against the bug, but vBulletin didn't advise of the impact of the problem.

 

Full Article


Sr. Community Expert Advisor


 


2016-07-18_12-11-32.png Microsoft® Windows Insider MVP - Windows Security

2 REPLIES
Community Expert Advisor

Re: vBulletin vuln opens backdoor to rogue accounts

This, ladies and gentlemen, is why Webroot doesn't use the same account for the Webroot console and the Webroot forum.

----------------------------------------
Business Products Sr. Community Leader and Expert Advisor - WSA-Enterprise administrator over 2000 clients
First company to 1000+ WSA endpoints | Power User / Business Ambassador / WSA-C and WSA-E Beta tester
Community LeaderCommunity Leader
Find me on Twitter!

Retired Webrooter

Re: vBulletin vuln opens backdoor to rogue accounts


explanoit wrote:

This, ladies and gentlemen, is why Webroot doesn't use the same account for the Webroot console and the Webroot forum.


It makes a good case for it anyway.  No worries here though - we don't use vBulletin!

/// JimM ///
/// Former Community Manager - Now Humble Internet Citizen///
/// Also Formerly a Technical Support Escalations Engineer ///