JeiAr
These will probably be posted on BugTraq in the next day or two. JelSoft were informed, but who knows when they will release a patch. They may just call it vBulletin 2.3.5 and charge for it.

http://www.gulftech.org/03152004b.php
shaun2k2
Nice work JeiAr

I better get my mates to upgrade when a new board is made available. I'm guessing writing a patch would be against the license, because it's not open source?

I agree about that money comment. vBulletin is a decent board, and people insist it's very secure. Heh, the only reason there are fewer reports of sec vulns in vBulletin is because fewer people have access to the source. Hehe, surely they can't make customers pay for an upgrade though?


-Shaun.
JeiAr
Thanks Shaun. I agree about the source issue. I think personally that phpBB and the like are more secure. I would have included patch info in my report, but I don't take much time with pay software. One of the reasons I do research is as a hobby, but the other is because I feel like I give something back to the OpenSource community.

vBulletin should make vBulletin Lite available again under the GPL. Anyway, forget them and their policies. BTW, they weren't informed about the private.php issue. I don't think it exists in 3.x, but it does in 2.x. I found that after I made the BugTraq posting && notified JelSoft.
JeiAr
Seems the admincp and modcp logins are also vuln to XSS. See my original write up for details.

http://www.gulftech.org/03152004b.php
aapje
Nice find! Let's try it out...
JohnAcres
I'm gonna try to secure my board and then I just gotta wait for a patch :/ but this does look interesting to explore a bit...
pollo
Thanks
Invision Power Board © 2001-2005 Invision Power Services, Inc.