Breach, Data Security, Incident Response, TDR, Vulnerability Management

VBulletin flaw exploited in breach of Ubuntu Forums


A known SQL injection vulnerability affecting vBulletin software was exploited by an attacker to breach the Ubuntu Forums database. The attacker accessed the user table, containing usernames, email addresses, Internet Protocol addresses, and the hashed and salted strings used for Ubuntu Single Sign On logins of 2 million users.

“The attacker had the ability to inject certain formatted SQL to the Forums database on the Forums database servers," Canonical Ltd. CEO Jane Silber wrote in a company blog post. "This gave them the ability to read from any table but we believe they only ever read from the ‘user' table.” 

Canonical, the software vendor that powers the Ubuntu project, has since patched the vBulletin flaw and reset all system and database passwords. The software company also backed up is servers running vBulletin, then wiped clean and rebuilt the servers.

In November, vBulletin reset all user passwords after a breach compromised personally identifiable information of almost 480,000 subscribers.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.