Re: Vulnerabilities in vBulltin(3.0.7 - 3.5.3) and IPB(2.0.0 - 2.1.4).

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: Vulnerabilities in vBulltin(3.0.7 - 3.5.3) and IPB(2.0.0 - 2.1.4).
From: scott@xxxxxxxxxxxxx
Date: 7 Feb 2006 02:47:36 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

While we take all security reports seriously we have investigated this report 
and have been unable to find any sort of exploit suggested by the author.

External security audits are performed on a regular basis and we are committed 
to the fast response and release of patches for any vulnerability, credit is 
also given where due for any discoveries.

After contacting the author for more information the response we received was 
that a fee would have to be paid for more information. As a company we refuse 
to be coerced into paying a ransom given that the author has not been able to 
demonstrate that the vulnerability exists, much less a willingness to work with 
us to ensure a secure product for end users.

Prev by Date: Re: Vulnerabilities in vBulltin(3.0.7 - 3.5.3) and IPB(2.0.0 - 2.1.4).
Next by Date: [myimei]MyBB 1.0.2 XSS attack in search.php
Previous by thread: Re: Vulnerabilities in vBulltin(3.0.7 - 3.5.3) and IPB(2.0.0 - 2.1.4).
Next by thread: Re: Re: Vulnerabilities in vBulltin(3.0.7 - 3.5.3) and IPB(2.0.0 - 2.1.4).
Index(es):
- Date
- Thread