shagoon
11-26-2008, 02:37 PM
Hello,
I'm running latest vbulletin forum 3.7.4 PL1, and I just had a security breach (not due to the forum), the attacker had gained access to an Administrator's account which only had "Can Administer Users" permission set to Yes, all other permissions were denied to that Administrator's account.
Now he claims he has our forum DB in his possession, and that he took it via an exploit from that Admin user.
Note:
- he didn't log into any other Admin account
- all I can see from control panel log is that he used moderate.php (action: posts), email.php (action: start, dosendmail) and user.php (actions: prune, pruneusers) scripts
My question is: Could he have downloaded somehow the forum DB ?
Thanks in advance.
I'm running latest vbulletin forum 3.7.4 PL1, and I just had a security breach (not due to the forum), the attacker had gained access to an Administrator's account which only had "Can Administer Users" permission set to Yes, all other permissions were denied to that Administrator's account.
Now he claims he has our forum DB in his possession, and that he took it via an exploit from that Admin user.
Note:
- he didn't log into any other Admin account
- all I can see from control panel log is that he used moderate.php (action: posts), email.php (action: start, dosendmail) and user.php (actions: prune, pruneusers) scripts
My question is: Could he have downloaded somehow the forum DB ?
Thanks in advance.