Announcement

Collapse
No announcement yet.

vBulletin Security Patch for vBulletin 4 - 10/31/2011

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • vBulletin Security Patch for vBulletin 4 - 10/31/2011

    A recent vBulletin 4 (all versions, Suite & Classic) report indicated that if an installation had been hacked previously, the attacker could hide malicious code to allow a repeated attack. To further strengthen vBulletin’s security - additional security checking and query cleaning were added to thwart such attacks.

    The issue does not affect vBulletin 3.x.

    To improve the security of your vBulletin 4 installation please download the patch from the members area of vBulletin: http://members.vbulletin.com/
    We recommend you install this security patch as soon as possible.

    The upgrade process is the same as previous patch level releases - simply download the patch from the Members' Area, extract the files and upload to your webserver, overwriting the existing files. There is no upgrade script required.
    anders | vbulletin team | check out the new vbulletin facebook app
    Proudly vBulletin'ing since 2001
    Please be my friend!
    http://www.twitter.com/inetskunkworks
    vBulletin Performance Articles:
    Click here to read

  • #2
    Additional Information:

    This is an update to the previously fixed "social group search exploit"; this new report indicated that in some cases the attacker was able to leave a backdoor in the database to allow subsequent attacks even after a successful patch-fix. This updated patch will prevent such repeated attacks.
    anders | vbulletin team | check out the new vbulletin facebook app
    Proudly vBulletin'ing since 2001
    Please be my friend!
    http://www.twitter.com/inetskunkworks
    vBulletin Performance Articles:
    Click here to read

    Comment


    • #3
      To be precise, this is the file that has been patched: packages/vbforum/search/type/socialgroupmessage.php
      anders | vbulletin team | check out the new vbulletin facebook app
      Proudly vBulletin'ing since 2001
      Please be my friend!
      http://www.twitter.com/inetskunkworks
      vBulletin Performance Articles:
      Click here to read

      Comment

      Related Topics

      Collapse

      Working...
      X