light bulb

Did You Know?



Reply
Posts: 4,873
Topics: 3,087
Kudos: 6,015
Registered: ‎06-12-2013

vBulletin vuln opens backdoor to rogue accounts

The widespread vBulletin CMS has a vulnerability that allows remote attackers to create new administrative accounts.

Back in August, users of versions in the 4.1+ and 5+ series were advised to delete the /install/ or /core/install/ directories (depending on version) as a workaround against the bug, but vBulletin didn't advise of the impact of the problem.

 

Full Article

Sr. Community Leader

Posts: 898
Topics: 57
Kudos: 568
Ideas: 72
Registered: ‎01-11-2013

Re: vBulletin vuln opens backdoor to rogue accounts

[ Edited ]

This, ladies and gentlemen, is why Webroot doesn't use the same account for the Webroot console and the Webroot forum.

----------------------------------------
Business Products Sr. Community Leader and Expert Advisor - WSA-Enterprise and WSAWSS administrator of 1700+ computers
First company to 1000+ WSA endpoints | Power User / Business Ambassador / WSA-C and WSA-E Beta tester
Community LeaderCommunity Leader
Find me on Twitter!

Posts: 2,308
Topics: 292
Kudos: 1,359
Registered: ‎01-19-2012

Re: vBulletin vuln opens backdoor to rogue accounts


explanoit wrote:

This, ladies and gentlemen, is why Webroot doesn't use the same account for the Webroot console and the Webroot forum.


It makes a good case for it anyway.  No worries here though - we don't use vBulletin!

/// JimM ///
/// Former Community Manager - Now Humble Internet Citizen///
/// Also Formerly a Technical Support Escalations Engineer ///