Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:24296
HistoryJul 23, 2010 - 12:00 a.m.

vBulletin - Critical Information Disclosure

2010-07-2300:00:00
vulners.com
77
JSON

Versions Affected: 3.8.6 (Only!)

Info:
Content publishing, search, security, and more—vBulletin has it all. Whether
it’s available features, support, or ease-of-use, vBulletin offers the most for
your money. Learn more about what makes vBulletin the choice for people
who are serious about creating thriving online communities.

External Links:
http://www.vbulletin.com/

-:: The Advisory ::-
vBulletin is prone to information disclosure of the entire database
credentials used in config.php via the faq.php file.

By searching for "database" on a vulnerable installation of vBulletin
an attacker is shown the information mentioned above.

-:: Solution ::-
A patch is available from http://members.vbulletin.com

Alternatively, search for "database_ingo" in the Phrase Manager
within the Admin Control Panel, and delete or edit all critical details.

Disclosure Information:

  • vBulletin Security Notice & Patch: 22nd July 2010
  • Vulnerability Researched and Disclosed: 22nd July

Note:
After searching the Internet a bit I discovered that I wasn't the
only one which knew about this bug. Please note that I give full
credit to the rightful finder / owner of this exploit.

References:
http://forum.intern0t.net/exploits-vulnerabilities-pocs/2857-vbulletin-3-8-6-critical-information-disclosure.html
http://www.vbulletin.com/forum/showthread.php?357818-Security-Patch-Release-3.8.6-PL1

All of the best,
MaXe

JSON