• MENU
  • Skip to right header navigation
  • Skip to main content
  • Skip to primary sidebar

SecNews In Depth IT Security News

  • MANIFESTA Blog
  • Inet
  • Security
  • Investigations
  • tweaks
  • Views
  • TV
  • Search
  • MANIFESTA Blog
  • Inet
  • Security
  • Investigations
  • tweaks
  • Views
  • TV
  • Search
Home / security / vBulletin: New zero-day affects thousands of forums worldwide!

vBulletin: New zero-day affects thousands of forums worldwide!

25 September, 2019, 11: 06 am by SecNews Leave a Comment

A researcher security whose name remains unknown, posted details of a vBulletin zero-day, that is to say software of internet forums.

vBulletin

And it is precisely the publication of the details that pose some risks. The reason; The vulnerability was posted before it could be repaired, which means it may be caused hacking attacks in forums and spying on user information.

In fact, zero-day allows the hacker to execute shell commands on server. The remarkable thing is that the hacker does not have to account in this forum.

Posting on Full Disclosure. Frequently, security researchers publish details of unspecified security flaws when they have not been repaired after repeated vulnerability reporting. However, at this time, it is unclear whether the anonymous security researcher first reported the vulnerability to the vBulletin team or whether the vBulletin team failed to address the issue in a timely manner, leading it to publish it autonomously. And it is not excluded that this is a conscious slaughter decision aimed at defaming vBulletin.

According to W3Techs, 0,1% of sites manage a vBulletin forum. That means billions of users are affected. The forums are designed for the collection information of users. While billions on-line sites do not store user information, forums can be very easy to save data users. Therefore, 0,1% is really very important when calculating how many users could subscribe to these forums.

While vBulletin is used by many sites, the good news is that zero-day only affected the 5.x version. In practice this means that forums that have an older version are safe if they have made the necessary fixes.

vBulletin

Η Zerodium, is a company that buys web-based software to resell it to law enforcement. Many Dark web forums, such as those that distribute criminal prosecution services, malware, or child abuse images, are often run on vBulletin. According to the company, the anonymous security researcher could have made up to $ 10.000 in return for giving Zerodium zero-day details and not jeopardizing the data alone by posting it.

How useful was this post?

Average rating / 5. Vote count:

No votes so far! Be the first to rate this post.

vBulletin: New zero-day affects thousands of forums worldwide! was last modified: September 25, 2019, 11: 06 by SecNews

Share
Do you have an opinion? Leave your comment.

The author allows you to copy his / her text only if you report the source (SecNews.gr), as an e-mail address (Live URL) of the article.
Updated on 25 September | 11: 06 by SecNews

Competition: securityTag: hacker, hacking attacks, vbulletin, zero-day, zerodium |

SecNews

About SecNews

In Depth IT Security News

Previous Post: « Hackers target shipping and shipping companies through a new campaign
Next Post: Defect in Internet Explorer gives administrator rights to a hacker »

Reader Interactions

Comment Policy:

SecNews.gr does not immediately post comments. Malicious comments, comments that include ads, or comments with insults are deleted without any warning. We do not endorse the views expressed by our readers.


Leave a reply Ακύρωση απάντησης

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *

Primary Sidebar

  • Base64 encoded image 35,648 Happy fans
  • Base64 encoded image 3,662 Followers

trending


Find out how much damage your SSD drive has to Windows 10
Lidl Black Friday deals: Maybe we get the Xbox One S at a low price?
Zorin OS 15 Lite to replace Windows 7
Windows 7 hack to continue with support
Windows 10 Version 1909 installation keys
Windows 7 Too hard to die
Bliss OS run the latest Android on your computer
SecNews MX Linux 19 x64 custom ISO release for Windows
Kickass Torrents: LOC 15 alternatively site for free movies and games!
Remove viruses from Windows with Ubuntu Live USB

tweaks

Enable Tab Freeze in Google Chrome

Windows 7 Disable notification for upgrade

FBI: Beware! Connect your IoT devices to a separate network!

Microsoft: Spear-phishing is growing rapidly - How is it treated?

Comparium: Try your site in different browsers and OS

Find out how much damage your SSD drive has to Windows 10

SecNews MX Linux 19 x64 custom ISO release for Windows

7 pronunciation dictionaries to improve your English

Display the version of Windows on the desktop

Fido: easily download Windows ISO

Copyright © 2010 - 2019 · SecNews | ToS | SiteMap | Contact

el Greek
ar Arabiczh-CN Chinese (Simplified)en Englishfr Frenchde Germanel Greekit Italianru Russian