lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20061017155901.20297.qmail@securityfocus.com> Date: 17 Oct 2006 15:59:01 -0000 From: scottREMOVE@...lletin.com To: bugtraq@...urityfocus.com Subject: Re: vbulletin Exploit Tool Box As I'm sure everyone is aware by now. 1. "Flaw" only affects pirated copies that have intentionally removed some security features. Nothing we can really do here when this happens 2. This is an IE exploit thats been fixed for well over a year where GIF files would be parsed as HTML. 3. Versions >= 3.6.0 by default have anti-robot registering enabled, all previous versions had to enable this manually. Scott