|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: vBulletin Security Vulnerability - POC
From: Freddie Bingham (freddie
vbulletin.com)
Date: Mon Jan 26 2004 - 14:52:32 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
In-Reply-To: <20040123210813.8522.qmailmail.securityfocus.com>
This exploit existed in vBulletin v3 Beta 2 - Beta 7. We patched this exploit for the vBulletin v3 gamma release and recommend all users affected versions upgrade to the latest vBulletin v3 release, which is RC3 at the time of this posting. Users are made aware that they are choosing to use software labelled as beta and hence the chance of unknown exploits is greater than when using release quality software. We do take security serious and respond to them in the same swift manner, be it in a beta or release version. We were not aware of this problem until we were at Beta 7 and have no explanation as to why we missed the submitters original contact during the Beta 2 time period.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]