phpBB worm defacing forums

12-21-2004, 16:00

Just a heads-up in case you don't already know, got this info from the
SomethingAwful forums:

A worm is exploiting a vulnerability in phpBB versions lower than 2.0.11
to deface forums it finds.

MSN search lists some defaced sites:

http://tinyurl.com/4nvep

More info can be found at:

http://www.viruslist.com/en/viruses/...?virusid=68388
http://www.f-secure.com/weblog/

--
Dan Ruscoe

12-21-2004, 19:00

Dan Ruscoe wrote:
: Just a heads-up in case you don't already know, got this info from the
SomethingAwful forums:
:
: A worm is exploiting a vulnerability in phpBB versions lower than 2.0.11
to deface forums it finds.
:
: MSN search lists some defaced sites:
: http://tinyurl.com/4nvep
:
: More info can be found at:
: http://www.viruslist.com/en/viruses/...?virusid=68388
: http://www.f-secure.com/weblog/

Ouch that bites.. but I know I am safe: *grin*
Powered by phpBB 2.0.11

12-21-2004, 19:00

Dan Ruscoe wrote

> Just a heads-up in case you don't already know, got this info from the
> SomethingAwful forums:
>
> A worm is exploiting a vulnerability in phpBB versions lower than 2.0.11
> to deface forums it finds.

Thanks Dan.

According to phpBB, upgrading to the latest versions of PHP (4 or 5) fixes
this. Thankfully I did so not very long ago!

See:

http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=248046

I presume this is the same thing they are talking about.

--
Charles Sweeney
http://CharlesSweeney.com

12-21-2004, 22:00

"Dan Ruscoe" <danruscoe@gmail.com> skrev i melding
news:MPG.1c328e8ce89bcf3929@news.btopenworld.com.. .
> Just a heads-up in case you don't already know, got this info from the
> SomethingAwful forums:
>
> A worm is exploiting a vulnerability in phpBB versions lower than 2.0.11
> to deface forums it finds.
>
> MSN search lists some defaced sites:
>
> http://tinyurl.com/4nvep
>
> More info can be found at:
>
> http://www.viruslist.com/en/viruses/...?virusid=68388
> http://www.f-secure.com/weblog/

Actually, I heard about this from my webhost earlier today (or "yesterday"
in this timezone). They spent about an hour going through each of their
servers, disabling ALL phpBB installations that weren't upgraded.

--
Kim André Akerø
- kimandre@NOSPAMbetadome.com
(remove NOSPAM to contact me directly)

12-21-2004, 16:00	#1 (permalink)
Dan Ruscoe Civilians	phpBB worm defacing forums Just a heads-up in case you don't already know, got this info from the SomethingAwful forums: A worm is exploiting a vulnerability in phpBB versions lower than 2.0.11 to deface forums it finds. MSN search lists some defaced sites: http://tinyurl.com/4nvep More info can be found at: http://www.viruslist.com/en/viruses/...?virusid=68388 http://www.f-secure.com/weblog/ -- Dan Ruscoe

12-21-2004, 19:00	#2 (permalink)
Heidi Civilians	Re: phpBB worm defacing forums Dan Ruscoe wrote: : Just a heads-up in case you don't already know, got this info from the SomethingAwful forums: : : A worm is exploiting a vulnerability in phpBB versions lower than 2.0.11 to deface forums it finds. : : MSN search lists some defaced sites: : http://tinyurl.com/4nvep : : More info can be found at: : http://www.viruslist.com/en/viruses/...?virusid=68388 : http://www.f-secure.com/weblog/ Ouch that bites.. but I know I am safe: grin Powered by phpBB 2.0.11

12-21-2004, 19:00	#3 (permalink)
Charles Sweeney Civilians	Re: phpBB worm defacing forums Dan Ruscoe wrote > Just a heads-up in case you don't already know, got this info from the > SomethingAwful forums: > > A worm is exploiting a vulnerability in phpBB versions lower than 2.0.11 > to deface forums it finds. Thanks Dan. According to phpBB, upgrading to the latest versions of PHP (4 or 5) fixes this. Thankfully I did so not very long ago! See: http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=248046 I presume this is the same thing they are talking about. -- Charles Sweeney http://CharlesSweeney.com

12-21-2004, 22:00	#4 (permalink)
Kim André Akerø Civilians	Re: phpBB worm defacing forums "Dan Ruscoe" <danruscoe@gmail.com> skrev i melding news:MPG.1c328e8ce89bcf3929@news.btopenworld.com.. . > Just a heads-up in case you don't already know, got this info from the > SomethingAwful forums: > > A worm is exploiting a vulnerability in phpBB versions lower than 2.0.11 > to deface forums it finds. > > MSN search lists some defaced sites: > > http://tinyurl.com/4nvep > > More info can be found at: > > http://www.viruslist.com/en/viruses/...?virusid=68388 > http://www.f-secure.com/weblog/ Actually, I heard about this from my webhost earlier today (or "yesterday" in this timezone). They spent about an hour going through each of their servers, disabling ALL phpBB installations that weren't upgraded. -- Kim André Akerø - kimandre@NOSPAMbetadome.com (remove NOSPAM to contact me directly)

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Swiss man sentenced to 10 years for defacing pictures of Thai king	milmor_1	News Articles	1	03-31-2007 17:28
Wow! Check Pads Out! New Forums/Sub-Forums	Woodmonkey	Chit-Chat	3	09-19-2006 14:43
Which bulletin board is best? phpBB, Invision?	MeNotHome	Web Design	6	06-15-2004 11:52
phpbb programs	blinkin	Web Design	1	06-15-2004 11:19

Community Information
Options
	Contact Us - FAX - Terms of Service - Privacy Policy - Trackpads - Archive - Top
Trackpads Non-Commercial Ad

Time
	All times are GMT -4. The time now is 09:57.
Copyright
	The header is based off of work by Vipixel.com and modified by this site. Trackpads and the Trackpads Logo are both Registered Trademarks of Jason Edwards and cannot be used without prior written permission. The only exception is as a link back to this site. Trackpads is a private website run by a small legion of volunteers, 3 dogs, 12.5 cats and an army of small, super smart, bio-engineered mice with pointy hats and tutu's. Search Engine Friendly URLs by vBSEO 3.2.0 RC7
Archive Links
	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70