<<< Date Index >>>     <<< Thread Index >>>

Re: Vulnerabilities in vBulltin(3.0.7 - 3.5.3) and IPB(2.0.0 - 2.1.4).



While we take all security reports seriously we have investigated this report 
and have been unable to find any sort of exploit suggested by the author.

External security audits are performed on a regular basis and we are committed 
to the fast response and release of patches for any vulnerability, credit is 
also given where due for any discoveries.

After contacting the author for more information the response we received was 
that a fee would have to be paid for more information. As a company we refuse 
to be coerced into paying a ransom given that the author has not been able to 
demonstrate that the vulnerability exists, much less a willingness to work with 
us to ensure a secure product for end users.