New Security Issue in VB?

Discussion in 'vBulletin Discussions' started by Autopilot, Aug 24, 2013.

  1. Big al

    Big al Regular Member

    Joined:
    May 14, 2013
    Messages:
    1,093
    Likes Received:
    415
    Location:
    OZ
    The VB support staff show how caring they can be.
    aimg69.imageshack.us_img69_6518_a9v.gif

    Why not?

    Strange to relate to you, but people have a right to post their opinion, as long as it does not break the rules.

    I know that you get frustrated about not having the ban button, but anyone with an interest in VB are allowed to post about it.
    Even if it does or does not agree with the censored opinions on VB.
     
    Last edited by a moderator: Aug 28, 2013
  2. Brandon

    Brandon Regular Member

    Joined:
    Jun 1, 2009
    Messages:
    6,602
    Likes Received:
    1,707
    Location:
    Topeka, Kansas
    First Name:
    Brandon
    Good to hear the devs are aware of it and will have it patched although I always deleted the install folder whenever I had installed vbulletin in the past.
     
    Autopilot likes this.
  3. Autopilot

    Autopilot Regular Member

    Joined:
    Jul 27, 2013
    Messages:
    514
    Likes Received:
    334
    "potential exploit"? It is or it isn't and as it has occurred on numerous occasions suggests they are grasping at straws to explain it and just throwing out "try this to fix it". Even Paul M has given several speculations in this thread but at least he called it what it was. An exploit.
     
  4. Autopilot

    Autopilot Regular Member

    Joined:
    Jul 27, 2013
    Messages:
    514
    Likes Received:
    334
    I agree, this is something I do as well. And I've seen some programs that do remove the install files as a final clean up after the install.
     
  5. SatGuyScott

    SatGuyScott Regular Member

    Joined:
    Oct 28, 2009
    Messages:
    151
    Likes Received:
    119
    Location:
    Newington, Connecticut
    Hate to say it Paul, but EVERYTHING you say is considered to be official vBulletin. Everything you say reflects vBulletin/Internet Brands.

    I have a package going out to Mr. Brisco soon with things I think is wrong with vBulletin accumulated from various forums and I hate to say it but the majority of things are postings by you. Again your actions speak on behalf of vBulletin.

    Your a bad apple, and you know what happens to bad apples.
     
    Big al likes this.
  6. Autopilot

    Autopilot Regular Member

    Joined:
    Jul 27, 2013
    Messages:
    514
    Likes Received:
    334
    Ouch, we all know what happens when awww.myemoticons.com_images_humor_poop_crap_hitting_the_fan.gif
     
    Big al likes this.
  7. Alfa1

    Alfa1 Regular Member

    Joined:
    Jul 24, 2009
    Messages:
    303
    Likes Received:
    196
    Yeah, this is completely irrelevant:
    avatar57151_11.gif.png
     
    Iconic and Big al like this.
  8. djbaxter

    djbaxter Regular Member

    Joined:
    Jul 4, 2009
    Messages:
    261
    Likes Received:
    162
    Location:
    Ottawa ON Canada
    Perhaps you haven't noticed but that's not his avatar here. He is here as an individual, not as a representative of IB. That's his prerogative. He has a right to decide what he does on his free time just like the rest of us.
     
    digitalpoint, Bundy and Mark.B like this.
  9. Brandon

    Brandon Regular Member

    Joined:
    Jun 1, 2009
    Messages:
    6,602
    Likes Received:
    1,707
    Location:
    Topeka, Kansas
    First Name:
    Brandon
    I for one, welcome everyone to post here :cool:
     
    djbaxter, Autopilot and Big al like this.
  10. Paul M

    Paul M Dr Pepper Addict

    Joined:
    Jun 16, 2009
    Messages:
    449
    Likes Received:
    136
    Location:
    Nottingham, UK
    Correct, its totally irrelevant.

    My posts here have nothing to do with who I work for.
    Only those with axes to grind keep trying to state differently.

    Scotts posts are not posted as official posts of VBG, your posts are not officail posts of whoever you work for, nor are anyone elses. Stop trying to kid everyone that posts from someone who happens to work for one company [you happen to hate] are official posts, while everyone elses are not. Its complete nonsense.

    Unless I tell you otherwise, everything and anything I post is as a vB customer (Yes, I am) , user and administrator.
    I shouldnt even have to make that clear as its common sense, but as always, the few will try to twist reality to fit their agenda.
     
    Mark.B and Brandon like this.
  11. Paul M

    Paul M Dr Pepper Addict

    Joined:
    Jun 16, 2009
    Messages:
    449
    Likes Received:
    136
    Location:
    Nottingham, UK
    Several ?
    I only posted one possible guess on Sunday, before any information on an exploit was available, and then posted about the actual exploit, as posted in the announcements forum yesterday.

    Its "potential" only because you need a certain level of technical knowledge to use it, plus the relevant details on what to do, and of course, it only works if the files exist on the target.
     
  12. Big al

    Big al Regular Member

    Joined:
    May 14, 2013
    Messages:
    1,093
    Likes Received:
    415
    Location:
    OZ
    Maybe you too will be banned then ? Or you can wait until you too are pushed out, then you can really post as only a customer.

    ROTFLMAO!!!

    Oh dear me, our daily entertainment has arrived.
     
  13. Autopilot

    Autopilot Regular Member

    Joined:
    Jul 27, 2013
    Messages:
    514
    Likes Received:
    334
    1 speculation

    2 speculations and confirmation of an exploit. 2 or more speculations equals several or it did when I went to school.
    SO is what you are saying is that if and only if the install files are present they can gain access and assign themselves as administrator by simply running an SQL query? And in the case where the install files are not present how can this breach be explained?
     
  14. Autopilot

    Autopilot Regular Member

    Joined:
    Jul 27, 2013
    Messages:
    514
    Likes Received:
    334
    WOOHOO please don't change my Trophy Points. At my age 69's are hard to come by LMAO
     
  15. s.molinari

    s.molinari Regular Member

    Joined:
    Nov 6, 2009
    Messages:
    774
    Likes Received:
    603
    Location:
    Käshofen
    Ehem....correction.

    Scott's posts are from Scott, who is sole proprietor of Adduco Digital e.K., who is the ex-distributor of vBulletin and in charge still of vB-Germany.com and whose opinions are his and thus as official as anything he'd post on vB-G.com or any other official site of Adduco.

    The difference being, I can speak much more openly on third party sites than I would on vB-G.com. That doesn't mean what I say on those sites doesn't have any more or less merit. I stand by what I say, as a person, as the leader of Adduco and of vB-G.com, no matter where I speak.

    My only disclaimer is that my opinions and views ARE DEFINITELY NOT THE SAME as any of IB's staff or management. That is where you have a problem. You are a member of IB's staff and most people know that. As such, you must represent IB as best you can and thus, you are stuck with their rules and policies and direction and have to deal with the onslaught they have caused.

    I don't. Not really. [edit] - Thank god.

    Scott
     
    Liam W, Big al and Autopilot like this.
  16. Autopilot

    Autopilot Regular Member

    Joined:
    Jul 27, 2013
    Messages:
    514
    Likes Received:
    334
    @Paul M
    Are you suggesting that very few people have this "certain level of technical knowledge to use it"???? That would hardly qualify this as a "potential" anything. I think others will disagree with you in that it either is or is not an exploit without any grey area of "well it could or could not be depending on ones certain level of technical knowledge". I don't have I guess that level you speak of but I don't believe your explanation or definition of "potential exploit".
     
  17. Alfa1

    Alfa1 Regular Member

    Joined:
    Jul 24, 2009
    Messages:
    303
    Likes Received:
    196
    Your posts are about who you work for and vigorously defend the company that you are under contract with. Therefore your posts have everything to do with who you work for.

    Can you imagine that there are other motives possible than only haters and fanboys? The world is not that simple.

    I can understand how you may interpret some of my posts as such, but your conclusion is incorrect. I do have a deep distrust & disappointment in regards to IB / vbs and their motives. I do not hate that company. I suspect that its motive / vb business model is to tank their vbulletin customers and IB competitors. Like most of vbulletin websites, my sites also compete with IB's 2000+ websites.
     
    Last edited: Aug 29, 2013
    Big al likes this.
  18. Big al

    Big al Regular Member

    Joined:
    May 14, 2013
    Messages:
    1,093
    Likes Received:
    415
    Location:
    OZ
    @Paul M. I do not think that anyone here HATES you or even VB/IB. I can however see a lot of disappointment in the actions of VB/IB and the support staff.

    Time and time again, you avoid facing the truth. The FACTS are that if you and VB/Ib treat customers with disdain, then there will be inevitable results. I can understand that the results and reaction to your arrogance will not be to your liking. But this will not change things, only you and VB/IB can do this.

    I am sure you are not aware of this, but I feel that just about all the members here have been quite restrained, in trying to point out the failings and how they affect them. I know I have been restrained in what I have said.

    NO Paul, the members here are NOT sycophants nor subject to your whims, they are adults who are expressing their opinions in a generally civilized and reasonable manner.

    It is about time you realized how you are being perceived and your reasons for insulting and defaming honest people.

    What will you achieve by defaming people here? We are not frightened children and will never cower to you.

    Sorry dude, but you seem to have totally lost it.
     
    signal500 likes this.
  19. Mark.B

    Mark.B Regular Member

    Joined:
    Jul 4, 2013
    Messages:
    253
    Likes Received:
    42
    Many have been restrained, a select few continue to be less so, and they know who they are.

    It's the same names across several sites.
     
  20. GTB

    GTB Regular Member

    Joined:
    Jun 30, 2009
    Messages:
    1,791
    Likes Received:
    270
    Who by?
     

Share This Page