OpenSUSE forums defaced via unknown vBulletin 0-day
Posted on 08 January 2014.
The official forums of the openSUSE Linux distribution have been hacked and defaced by a Pakistani hacker who goes by the handle "H4x0r HuSsY."

According to THN, the hacker defaced the site and downloaded a database containing information about nearly 80,000 forum users. He did so by using a private vBulletin zero-day exploit that allowed him to browse, read, write or overwrite any file on the forum server without root privileges.

The exploit apparently takes advantage of a flaw present both in the vBulletin version used for the openSUSE forums (4.2.1) and in the latest version of the online forum software package (5.0.5).

The hacker claims that the user database he managed to get his hands on contains usernames, passwords and email addresses, and has posted a redacted screenshot of it to prove his claim.

But openSUSE admins claim that passwords have not been compromised.

"Credentials for your openSUSE login are not saved in our application databases as we use a single-sign-on system (Access Manager from NetIQ) for all our services. This is a completely separate system and it has not been compromised by this crack," they explained in a blog post. "What the cracker reported as compromised passwords were indeed random, automatically set strings that are in no way connected to your real password."

Still, the local database did contain users' email addresses.

They also announced that the forums will be taken offline until a fix or a workaround for the exploited flaw is found.

vBulletin is an extremely popular forum software package used by many large web forums, and their admins might want to consider doing the same.

Copyright 1998-2014 by Help Net Security.