Security notice to all alliance running outdated versions of Invision Power Board

[bros]

If you are running an IPB forum that is version 2.3.5 or less, please either upgrade it if your license is still active or convert to SMF. There is another thing you can do, but it is a bit annoying, but I can instruct you how to do it over query on IRC.

Why?

If you have a version that is less than that people can and will try to steal your passwords and they will probably succeed. They have on one alliance I was helping last night. That was rather fun last night. I found a lot of information out on a person.

mmmk CN?

[lebubu]

too late i already have your passwords

[Zoomzoomzoom]

What version is this forum?

[Lord Boris]

IPB

Hopefully nobody has issues, but vigilance is always good.

Edited January 9, 2010 by Lord Boris

[Kzoppistan]

All your base are belong to us.

[bros]

What version is this forum?

It doesn't list it, but I have a feeling admin is a smart admin and keeps stuff up to date

[Tushar Dhoot]

Because version 2.3.5 doesn't have any exploits

[bros]

Because version 2.3.5 doesn't have any exploits

I'm just posting about one specific exploit because I encountered someone using it last night. It should be rather entertaining when the person in question comes on IRC.

[Bob]

Because version 2.3.5 doesn't have any exploits

If someone has gotten into a forum on CN using a specific exploit on a specific type of forum software, then it would /probably/ be a good idea to not be on that, right?

[Sandwich Controversy]

...or convert to SMF.

Oh you, bros.

[lonewolfe2015]

It's a trap!

Honestly, if you have a license with IPB you probably have upgraded already. If you don't have a license and you umm... "borrowed" one, then let the security holes build I say!

[astronaut jones]

Anyone who would willingly take things to that level, that they would try to hack another alliance's forums, needs a swift kick in the $@! and a reality check. I hope anyone using an older version of IPB listens to bros, as there's no need for any other forums to potentially be compromised.

Also, bros is good people, so .. listen to bros regardless.

edited because I spelled forms instead of forums.. yeah, that was dumb.

Edited January 9, 2010 by astronaut jones

[Nintenderek]

Anyone who would willingly take things to that level, that they would try to hack another alliance's forums, needs a swift kick in the $@! and a reality check.

I don't think other alliances are the main worry. There are just random people out there who like to get all the information they can off of random forums.

[astronaut jones]

I don't think other alliances are the main worry. There are just random people out there who like to get all the information they can off of random forums.

Ahhh, I was under the impression based upon the first few posts, that the person who attempted this was somehow involved with CN/PB affairs in some way, and just drew the logical conclusion that they were someone who took a grievances with someone/some alliance further than it ever needed to go. Wouldn't have been the first time that someone took an in-game grievance too far.

[bros]

It's a trap!

Honestly, if you have a license with IPB you probably have upgraded already. If you don't have a license and you umm... "borrowed" one, then let the security holes build I say!

Some alliances IPB licenses may have expired after the year or whatever or free upgrades and they do not wish to pay for more upgrades.

Ahhh, I was under the impression based upon the first few posts, that the person who attempted this was somehow involved with CN/PB affairs in some way, and just drew the logical conclusion that they were someone who took a grievances with someone/some alliance further than it ever needed to go. Wouldn't have been the first time that someone took an in-game grievance too far.

they did, they stole peoples passwords on an Alliance's forums because they refused to give him admin powers or something like that.

[ddog241]

when will people learn

SMF > IPB

[Lord of Destruction]

I have IPB 3

Edited January 9, 2010 by Lord of Destruction

[Lord Razzia]

All your passwords are belong to us.

[supercoolyellow]

What version is this forum?

i approve of this mischievousness.

Plus 10 internets!

[Bilrow]

IPB 3.0.5 is good.

[bros]

IPB 3.0.5 is good.

Up to date stuff is always good.

The MK forums are guilty of not being up to date because stuff isn't compatible yet >_>

[Sooner]

vB works wonderfully.

[Esquire]

What version is this forum?

These forums are safe.

[Prime minister Johns]

It is always best to operate with the latest version of whatever software you use, they tend to have more features and are more secure.

I second what bros said, update your forum software if you have not already done so. (and change your passwords too as well just in case)

[Xiphosis]

Thanks for the heads up.