PDA

View Full Version : Net Worm uses Google to Spread


His Eminence
12-21-2004, 06:06 PM
I'm sure most of you already saw this on Slashdot.

http://it.slashdot.org/article.pl?sid=04/12/21/2135235&from=rss

I'm kinda sketchy on the details, as I'm busy in the middle of upgrading my phpBB install, but it seems pretty dangerous. A lot of sites have already been defaced.

I know some team sites use phpBB or atleast PHP to run their site, so make sure its secure. (Rumors are that is actually a PHP exploit compounded by the recent highlight exploit in phpBB.) :cool:

Joe Ross
12-21-2004, 07:48 PM
Isn't that just an exploit to the problem posted about here? http://www.chiefdelphi.com/forums/showthread.php?t=31709

Matt Adams
12-21-2004, 09:40 PM
(Rumors are that is actually a PHP exploit compounded by the recent highlight exploit in phpBB.) :cool:
This is not a rumor.

There is a known exploit in PHP itself (the programming language). You should upgrade all servers to at least PHP version 4.3.10 and Zend Optimizer to version 2.5.7.

However, these are completely separate issues. Just upgrading PHP on the servers to the current version will not fix exploits in PHPbb.

Matt

CrazyCarl461
12-22-2004, 12:34 PM
Man oh man, is that what happened to our site (http://www.boilerinvasion.org/)?

That doesn't look very fun.

edit: It looks like our speedy admin is already on it.

team222badbrad
12-22-2004, 12:55 PM
I saw this on monday. I was visiting www.farcrygame.com

At first I thought it was a thing blocking the website from the school.

(I was at my high school on my computer account that is still active even though I graduated from there in June...)

They fixed the site the next day.

Matt Adams
12-22-2004, 01:01 PM
Man oh man, is that what happened to our site (http://www.boilerinvasion.org/)?

That doesn't look very fun.

edit: It looks like our speedy admin is already on it.
Yes it is. Here's quick patch information, you should just need to fix that one file:

http://www.phpbb.com/phpBB/viewtopic.php?t=240513

Matt

Aaron
12-22-2004, 03:10 PM
scary

JohnBoucher
12-23-2004, 06:20 AM
A reminder to all users of php-BB. UPDATE. It's still out there and will come back.

http://www.cbronline.com/article_news.asp?guid=366C3494-1446-4A8B-973C-F67044266D35

Dekker Avesque
12-24-2004, 07:58 PM
Ah yes, I heard about this awhile ago here (http://antireality.net/board/thread.php?id=1703).

I haven't heard too many details about the actual PHP exploit, but I don't think it affects too many people.

the_mayor
12-24-2004, 10:15 PM
Man some people have way too much time on thier hands. I sure hope our website doesn't get infected.