Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnerability Development mailing list archives

Re: vBulletin Security Vulnerability - POC
From: Freddie Bingham <freddie () vbulletin com>
Date: 26 Jan 2004 20:52:32 -0000
In-Reply-To: <20040123210813.8522.qmail () mail securityfocus com>

This exploit existed in vBulletin v3 Beta 2 - Beta 7.  We patched this exploit for the vBulletin v3 gamma release and 
recommend all users affected versions upgrade to the latest vBulletin v3 release, which is RC3 at the time of this 
posting.  Users are made aware that they are choosing to use software labelled as beta and hence the chance of unknown 
exploits is greater than when using release quality software.  We do take security serious and respond to them in the 
same swift manner, be it in a beta or release version.  We were not aware of this problem until we were at Beta 7 and 
have no explanation as to why we missed the submitters original contact during the Beta 2 time period.

  By Date           By Thread  

Current thread:
  • Re: vBulletin Security Vulnerability - POC Freddie Bingham (Jan 27)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]