vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   Member Archives (https://vborg.vbsupport.ru/forumdisplay.php?f=202)
-   -   Security problem on vB 2.3.0 (https://vborg.vbsupport.ru/showthread.php?t=55852)

ManuYamin 08-03-2003 09:18 AM
Security problem on vB 2.3.0
 
Hi,

We have purchase vBulletin (we are actually under version 2.3.0) but now we got a very critical problem, someone (a hacker i think) is now able to access to our customer account and can change their signature, email, etc...

Do you know this problem and do you have a patch witch can solve it ?

Thanks

seppl 08-03-2003 09:27 AM
Hi

do you really think, that the "hacker" has hacked your vb via an exploit? i think an admin has an simply guessable password ...

cu

Erwin 08-03-2003 09:35 AM
vB 2.3.0 has no security issues that is known.

ManuYamin 08-03-2003 11:45 AM
Ok, my administrative password is pretty hard to guess (letter + numbers + extra characters)

Have you any idea of how a hacker can access to my users data ?

ManuYamin 08-03-2003 11:46 AM
I've heard about a flash code that allow to read user's cookie, do you know this problem ?

ManuYamin 08-03-2003 11:53 AM
In fact this "hacker" change the user signature and write some diffamous post.

After that he change the user email adress and password so the user cannot reconnect and is marked as "user awaiting email notification".

Excuse me for my poor english (i'm french)

NTLDR 08-03-2003 12:04 PM
Its more than likly that the "hacker" has just obtained the users password, without any real hacking. Make sure you have HTML turned off everywhere (Sigs, PM and Posts). If you have an IP for them then report them to their ISP.

ManuYamin 08-03-2003 12:14 PM
Ok thanks i will turn off HTML


All times are GMT. The time now is 08:08 PM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01558 seconds
  • Memory Usage 1,712KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (8)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete