Friday, April 28, 2017
Home / Security / Breaches / openSUSE Forum’s Breached via VBulletin 0day

openSUSE Forum’s Breached via VBulletin 0day

The hacker told sources that this zero-day allows him to read and write any file on the forum server without root privileges. He hasn’t provided any other details.

Meanwhile, openSUSE has shut down its forum. The organization’s representatives say they’ve taken this decision because there’s no workaround and no fixes for the exploit. vBulletin has not made any comments on the issue.

So what data has the hacker jeopardized? At first, openSUSE mentioned that user accounts couldn’t have been affected because of the authentication system they’re utilizing.

“Credentials for your openSUSE login are not saved in our application databases as we use a single-sign-on system (Access Manager from NetIQ) for all our services. This is a completely separate system and it has not been compromised by this crack,” openSUSE said.

On the other hand, the hacker has provided The Hacker News with an image (see screenshot) which shows that he has gained access to what appears to be encrypted passwords. openSUSE says there’s an explanation for that.

The hacker also released pictures of access to the database.

Opensusehacked

“What the cracker reported as compromised passwords were indeed random, automatically set strings that are in no way connected to your real password,” they noted.

Nonetheless, they actually acknowledge that the Pakistani hacker has acquired user emails.  This isn’t the first time when unconfirmed reports of a vBulletin zero-day surface. In November, hackers of Inject0r Team claimed to have breached MacRumors and the vBulletin.org by exploiting a vBulletin zero-day vulnerability.  Inj3ct0r also claims they have a vBulletin zero-day for sale.

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

Silent OS 3.0 for Blackphone Completely revamped

Version 3.0 migrates Silent OS to Android Marshmallow 6.0.1 and delivers the Android safety patch …