Did You Know?



Reply
Community Leader
Jasper_The_Rasper
Posts: 1,047
Registered: ‎06-12-2013

vBulletin vuln opens backdoor to rogue accounts

The widespread vBulletin CMS has a vulnerability that allows remote attackers to create new administrative accounts.

Back in August, users of versions in the 4.1+ and 5+ series were advised to delete the /install/ or /core/install/ directories (depending on version) as a workaround against the bug, but vBulletin didn't advise of the impact of the problem.

 

Full Article

Community Leader

Please use plain text.
explanoit
Posts: 833
Topics: 58
Kudos: 487
Ideas: 50
Registered: ‎01-11-2013

Re: vBulletin vuln opens backdoor to rogue accounts

[ Edited ]

This, ladies and gentlemen, is why Webroot doesn't use the same account for the Webroot console and the Webroot forum.

----------------------------------------
Business Products Sr. Community Leader and Expert Advisor - WSA-Enterprise and WSAWSS administrator of 1400+ computers
First company to 1000+ WSA endpoints | Power User / Business Ambassador / WSA-C and WSA-E Beta tester
Community LeaderCommunity Leader
Find me on Twitter!

Please use plain text.
JimM
Posts: 2,308
Topics: 299
Kudos: 1,320
Registered: ‎01-19-2012

Re: vBulletin vuln opens backdoor to rogue accounts


explanoit wrote:

This, ladies and gentlemen, is why Webroot doesn't use the same account for the Webroot console and the Webroot forum.


It makes a good case for it anyway.  No worries here though - we don't use vBulletin!

/// JimM ///
/// Former Community Manager - Now Humble Internet Citizen///
/// Also Formerly a Technical Support Escalations Engineer ///
Please use plain text.