vBulletin vulnerability

[DirectAdmin Support]

Hello,

We have recently patched a security vulnerability in vBulletin. Although we have no report of any customer forum account being compromised, we ask that users maintain good practice and change their forum password. As with any security update, there is a lapse between the time of discovery and the time when it is patched, so we prefer to take all vulnerabilities seriously.

Please note, this is a vBulletin patch only. Other servers (billing, licensing) are not affected; As with any vBulletin vulnerability/patch, the only accounts potentially affected are forum accounts.

John

 

[Frej]

u could always change to a better forum platform like invision power suite or xenforo. vbulletin did afterall blatantly ignore a 0day exploit which was correctly filed on their bug tracker. they only acted when their own site got compromised

 

[Arieh]

I would like to recommend all users to use a password manager like KeePass, so you can use a long total random password for each different site. In case a password actually gets revealed, there is no problem other than for the affected website.