Skip to main content
Topic: IPB Board Hacked (Read 3215 times) previous topic - next topic
0 Members and 1 Guest are viewing this topic.

IPB Board Hacked

As of the time of this post, the BitComet Forum is hacked by somebody, who seems to take advantage of a vulnerability in IPB up to version 2.1.6.

The message is...

"- H4CK3D - No damage done, just be sure to update your forums so this cant happen again: http://invisionpower.com

<3 Bitcomet, sry for the hax. Was too tempted."

Just a reminder for HA, as it also uses IPB v2.1.x.

IPB Board Hacked

Reply #1
Also happened to a BMW forum I frequent (E60 forums). Saturday night for about 4-5 hours. My AV caught it.

IPB Board Hacked

Reply #2
Yep......I have seen a number of other IPB's get |-|4ck3d......

.....v2.1.7 is out now actually, if at all possible HA should upgrade. I would hate to see something happen to this site.


/me crosses his fingers.
foobar2000 + EAC + Burrrn = Happiness

IPB Board Hacked

Reply #3
More info about the vulnerability is here and here
If I understand correctly, the problem is related to the uploading of avatar images. Could the HA admins fully disable  the use of avatars temporarily as a work around?  Better safe than sorry.

IPB Board Hacked

Reply #4
We are up to date regarding all currently known IPB security issues. IPB itself isn't upgraded because we run a patched version.

 
SimplePortal 1.0.0 RC1 © 2008-2019