Thread: OT: High-severity vulnerability in vBulletin is being actively exploited

  1. #1
    Join Date
    Mar 2007
    Posts
    4,654

    OT: High-severity vulnerability in vBulletin is being actively exploited

    I thought I posted this in the support forum, but I guess it ended up here. Apologies...mods move if appropriate. Would seem to be a serious issue that could affect our board though.

    I hope the admins are paying attention:

    https://arstechnica.com/information-...vbulletin-bug/

    Attackers are mass-exploiting an anonymously disclosed vulnerability that makes it possible to take control of servers running vBulletin, one of the Internet’s most popular applications for website comments. Sites running the app should take comments offline until administrators install a patch that vBulletin developers released late Wednesday morning.

    The vulnerability was disclosed through an 18-line exploit that was published on Monday by an unidentified person. The exploit allows unauthenticated attackers to remotely execute malicious code on just about any vBulletin server running versions 5.0.0 up to 5.5.4. The vulnerability is so severe and easy to exploit that some critics have described it as a back door.

    “Essentially, any attack exploits a super simple command injection,” Ryan Seguin, a research engineer at Tenable, told Ars. “An attacker sends the payload, vBulletin then runs the command, and it responds back to the attacker with whatever they asked for. If an attacker issues a shell command as part of the injection, vBulletin will run Linux commands on its host with whatever user permissions vBulletin's system-level user account has access to.” Seguin has more in this technical analysis of the vulnerability.

    GUBoards is running version 4.2.2. Whether that's vulnerable, I don't know.

  2. #2
    Join Date
    Nov 2007
    Location
    seattle, spokane
    Posts
    3,132
    thanks for bringing this up

  3. #3
    Join Date
    Feb 2007
    Location
    On an island that is long
    Posts
    12,568
    Quote Originally Posted by caduceus
    I thought I posted this in the support forum, but I guess it ended up here. Apologies...mods move if appropriate. Would seem to be a serious issue that could affect our board though.

    I hope the admins are paying attention:

    https://arstechnica.com/information-...vbulletin-bug/

    GUBoards is running version 4.2.2. Whether that's vulnerable, I don't know.

    Not sure if 4.2.2 is vulnerable or not. I am going to try and meet up with the SR folks when I am out next week. Thanks for posting this.
    "And Morrison? He did what All-Americans do. He shot daggers in the daylight and stole a win." - Steve Kelley (Seattle Times)

    "Gonzaga is a special place, with special people!" - Dan Dickau #21

    Foo me once shame on you, Foo me twice shame on me.

    2012 Foostrodamus - Foothsayer of Death

  4. #4
    Join Date
    Nov 2009
    Location
    Spokane / Goodyear, AZ
    Posts
    1,832
    Keep us posted on what you learn, LIZF; this is disconcerting for sure. Thanks
    To Fish & Game: Keep streams stocked well for Mr. Few!