11
Catzwolf
Re: Attn: phpBB users - php 4.3.10 Exploit found
  • 2004/12/22 19:09

  • Catzwolf

  • Home away from home

  • Posts: 1392

  • Since: 2007/9/30


@ackbarr:

I know, I have been in contact with the server admins and they have stated they have taken steps to prevent this in the future. We will wait and see.

Yes I read that yesterday and I have been throu the logs and found nothing at that time that would indicate a direct attack.

ATB

Catz

12
Herko
Re: Attn: phpBB/IPB (etc) users - php 4.3.10 Exploit found
  • 2004/12/22 19:15

  • Herko

  • XOOPS is my life!

  • Posts: 4238

  • Since: 2002/2/4 1


...so for now it seems that newbb is safe from this vulnerabilty and that the worm attacked thru another vhost?

Herko

13
ackbarr
Re: Attn: phpBB users - php 4.3.10 Exploit found

not a problem, I just wanted to squash any rumors that newbb (or newbb2) suffered from the same vulnerability.

14
Catzwolf
Re: Attn: phpBB users - php 4.3.10 Exploit found
  • 2004/12/22 19:23

  • Catzwolf

  • Home away from home

  • Posts: 1392

  • Since: 2007/9/30


I will let you know once I have looked throu everything

15
ackbarr
Re: Attn: phpBB users - php 4.3.10 Exploit found

thanks catz - I look forward to hearing any further info on this.

16
Anonymous
Re: Attn: phpBB/IPB (etc) users - php 4.3.10 Exploit found
  • 2004/12/22 19:30

  • Anonymous

  • Posts: 0

  • Since:


That worm is looking for "Powered by phpBB" with google ... so now newbb is safe ...

17
Peekay
Re: Attn: phpBB/IPB (etc) users - php 4.3.10 Exploit found
  • 2004/12/22 20:23

  • Peekay

  • XOOPS is my life!

  • Posts: 2335

  • Since: 2004/11/20


NewBB may be safe from a direct attack, but it's not as simple as that. Although the worm initially attacks vulnerable versions of phpBB,(earlier than 2.0.11) if you are on a *shared* server the worm can still deface your index.html or index.php files, even if you don't run a bulletin board at all.

Hosts need to forcefully patch vulnerable phpBB installations on their shared servers, otherwise everyone running PHP applications on that server is at risk. I have already emailed our hosts to find out what they are doing about it. I only hope they have been as pro-active as the host mentioned in this thread

18
GIJOE
Re: Attn: phpBB users - php 4.3.10 Exploit found
  • 2004/12/23 20:07

  • GIJOE

  • Quite a regular

  • Posts: 265

  • Since: 2003/8/13


What ackbarr wrote is right, I think.

This hole is just a phpBB's specific bug. ( "/e" in preg_replace() )
PHP version and this hole are irrelevant.

The coding style of phpBB looks quite insecure.
Although this hole is patched in 2.0.11, attackers will crack phpBB via the other holes easily.

Of course, PHP <= 4.3.9 has a vulnerability with unseriarize() and newbb should be patched with such an old PHP.

19
jorgebarrero
Re: Attn: phpBB/IPB (etc) users - php 4.3.10 Exploit found

I have been attacked this morning by a worm.

Not really sure of the cause. My hosting company is working on it, but it seems that a strong security issue must be handled

Jorge Barrero

20
WarDick
Re: Attn: phpBB/IPB (etc) users - php 4.3.10 Exploit found
  • 2005/1/24 17:21

  • WarDick

  • Just can't stay away

  • Posts: 890

  • Since: 2003/9/13


@GIJOE
Could you recommend the forum module that is the most secure.

Login

Who's Online

436 user(s) are online (349 user(s) are browsing Support Forums)


Members: 0


Guests: 436


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits