On Wednesday, January 08, 2014 01:52:30 AM Jim Henderson wrote:
On Tue, 07 Jan 2014 17:12:51 -0800, John Andersen wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 1/7/2014 4:53 PM, Carlos E. R. wrote:
On 2014-01-08 01:04, Jim Henderson wrote:
Don't hate forums. Hate the hackers who think this is a fun thing to do, especially to an open source project.
Well, in this case it appears the hacker only wanted to prove that there was a vulnerability, in order to force vbulleting to update their software fast, no intention to use the obtained data.
The article, which may not be accurate, says OpenSuse was not running the most current version of vBulletin. It might be fixed already in later versions.
The exploit was in the vbseo addon, which was developed by a now defunct company and is no longer patched.
So I'm told.
Jim
It makes sense because vBSEO has been showing issues on several forums. Check the link for more info about vBSEO suspending operations http://admin-talk.com/threads/dear-vbulletin-forum-community-vbseo-is-suspen... -- Ricardo Chung | Member openSUSE Projects -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org