amuck-landowner

vpsBoard downtime announcement

MannDude

MannDude

Just a dude
vpsBoard Founder
Moderator
There was a nasty IPB 0-day released to the wild, as such vpsBoard was taken offline as a precautionary measure. While there is no patch available yet deleting ipsconnect.php should have fixed the issue.

I want to thank @Francisco for alerting me of this as it came to his attention very shortly after it was released. IPBoard wasn't even aware the exploit was out there until I had ticketed them to request why they haven't warned their members on their community forums yet.

Anyhow, we're back. :)
 
D. Strout

D. Strout

Resident IPv6 Proponent
MannDude said:
There was a nasty IPB 0-day released to the wild, as such vpsBoard was taken offline as a precautionary measure. While there is no patch available yet deleting ipsconnect.php should have fixed the issue.

I want to thank @Francisco for alerting me of this as it came to his attention very shortly after it was released. IPBoard wasn't even aware the exploit was out there until I had ticketed them to request why they haven't warned their members on their community forums yet.

Anyhow, we're back. :)
Click to expand...
What does (did) ipsconnect.php do?
 
raindog308

raindog308

vpsBoard Premium Member
Moderator
ipsconnect allows multiple sites to share one login.  I think you can even federate to other boards.

Invision kind of fumbled this response though.  They say:

"It has been brought to our attention that certain PHP configurations allow for a potential SQL injection vulnerability. Although this exploit requires some knowledge of your configuration and for certain files to be web-readable, we felt it important to release an update."

However, I ran the exploit against my IPB and it injected SQL just fine - no "knowledge" was needed other than the URL.
 
k0nsl

k0nsl

Bad Goy
Didn't IP.Board also delete your topic? Perhaps out of concern for hatching an idea as to what/how to fix the issue, though..so in that respect I could understand them. A little.
 
drmike

drmike

100% Tier-1 Gogent
k0nsl said:
Didn't IP.Board also delete your topic? Perhaps out of concern for hatching an idea as to what/how to fix the issue, though..so in that respect I could understand them. A little.
Click to expand...
Yeah they did that.

Boo MFers.  Waaa don't show the masses our exploited asses.
 
You must log in or register to reply here.
Top
amuck-landowner