Archive for April, 2015

vBulletin 5 – Private Messages Input Validation Failure (R911-0173)

Friday, April 24th, 2015

Type: Input Validation
Location: Remote
Impact: Medium
Product: vBulletin
Website: https://www.vbulletin.com
Vulnerable Version: 5.1.4 – 5.1.6
CVE: -
R911: 0173
Date: 2015-04-24
By: RACK911 Labs

Product Description

vBulletin (vB) is a proprietary Internet forum software package developed by vBulletin Solutions, Inc., a division of Internet Brands. It is written in PHP and uses a MySQL database server.

Vulnerability Description

Due to an input validation failure, it is possible for a malicious user to inject messages into existing conversations without authorization.

Impact

We have deemed this vulnerability to be rated as MEDIUM due to the fact that a malicious user can impersonate another user which could lead to additional compromises.

Vulnerable Version

This vulnerability was tested against vBulletin 5.1.6 and is believed to exist in all prior versions.

Fixed Version

This vulnerability was patched in vBulletin 5.1.4 to 5.1.6. Patches are available under the members section of vBulletin’s website.

Vendor Contact Timeline

2015-04-16: Vendor contacted via email.
2015-04-20: Vendor confirms vulnerability.
2015-04-23: Vendor issues patches.
2015-04-24: RACK911 Labs issues security advisory.