MasterVision Posted April 29, 2010 Share Posted April 29, 2010 Greetings to all! I just want to put this comments for your customer's security and for your awareness of the SQL Injection Vulnerability of the IPB System because I was hacked and made my board inaccessible even I just recently updated to the most stable release 3.0.5 IP.Board. Can you please check all the possible gateways for the attackers to get in IPB.Board? Because if someone successfully get in to my board that easy, all IPB customers will be in danger. Thank you very much and hope you'll pay attention to it. Link to comment Share on other sites More sharing options...
Wolfie Posted April 29, 2010 Share Posted April 29, 2010 You should submit a ticket in the client area so that you can give them any and all details possible to help them determine how it happened. Just simply saying that it happened won't do any good if they have no details, and I doubt IPS would like the details of how it happened explained here, for security purposes. (However, I could be wrong about that last part.) Link to comment Share on other sites More sharing options...
MasterVision Posted April 29, 2010 Author Share Posted April 29, 2010 Of course the security is our main concern here that's why I put it here as feedback not only for myself but for you as well if you are running IP System, especially the IP.Board. In this way, they will be aware that they should do something for their customers' security. Dont get me wrong here. Link to comment Share on other sites More sharing options...
Wolfie Posted April 29, 2010 Share Posted April 29, 2010 IPS has demonstrated in the past that security is a top priority. :) I was just saying to contact them in private to try to help them determine how it happened so that they can get it fixed. Wasn't fussing or anything, just that as a fellow customer, I would like a patch ASAP, and so I'm eager for them to become aware of it so they can start working on it. Link to comment Share on other sites More sharing options...
Jaggi Posted April 29, 2010 Share Posted April 29, 2010 There are no known vulnerabilities in IPB at this moment and if there were they are usually fixed very quickly. If you think you've found one then please submit a ticket in your client area. IPS will investigate you board to see if it was indeed ipb which was hacked or whether it was down to a vulnerability in your server setup. Link to comment Share on other sites More sharing options...
bfarber Posted April 29, 2010 Share Posted April 29, 2010 As Jaggi said, we're not aware of any SQL Injection vulnerabilities with the latest version of IPB. If you believe you were hacked through IP.Board it is imperative you submit a ticket so that we can investigate. If indeed you were attacked through IPB we'll make a security patch and release it. We have nothing to go on, however, at this point. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.