VMProtect Software » Forum

Hi,

we receive email like this:

From: Joey Stamp [mailto:gooman93@bk.ru]
Sent: Monday, October 12, 2015 04:19 PM
To: dean@...; miguel@...
Subject: Security Exploit in your licensing manager

Hello,

I just wanted to inform you that your site: http://cc-licensing.com is vulnable to the following exploit:

Username: exp:NULL UNION SELECT 1337, 0x663467, SHA1(0x663467), 0x663467407461707a2e6575, 1, 0
Password: f4g

The company "VM Protect" said that they've fixed the issue, but you didn't upgrade yet. It would be smart to update the Web Licensing Manager to the newest version to fix the security exploit.

I searched the forum and the vmp soft website but cannot find an upgrade to the licensing manager.

Are those email a scam?

Oeps, I tried the suggested username and password on our licensing server and they WORK!!!

Where can I download a fixed version of the web license manager?

Ferdinand

This bug was fixed in the version 2.2.2 (the latest version is 2.4.2). The latest version is available for registered users with unexpired free updates period.

Sorry? I do not want the latest version. I want a fixed version.

Leon Kohlen (the owner, i'm the developer) bought Version 2.13 on august 19 2013.

Now we are aware that these security problems were known to you at the end of 2013 and fixed.
https://forum.tuts4you.com/topic/34013- ... abilities/

We had since that time not the opportunity to download a fixed version. You did not notice us of a serious security problem with your web license manager. And now you tell us we have to BUY a security fix!

Please make version 2.2.2 of the weblm available to legal owners of the serious flawed previous version.

The fixed version sent to Leon. Please check it.

Me too please.

Thank you.