Eric
12-23-2004, 04:04 AM
Thousands of phpBB forums are reported to have been defaced by the Santy Worm.
Written in PERL, the Santy Worm exploits a flaw in the file, viewtopic.php, allowing an SQL injection exploit. After the worm defaces the phpBB forum, it will apparently use Google to locate the viewtopic.php files of other forums.
For more information, see: http://www.securiteam.com/unixfocus/6J00O15BPS.html
The viewtopic.php security hole is fixed in phpBB v2.0.11 ( http://www.phpbb.com/downloads.php ). We urge any customer using phpBB to upgrade to the latest version.
DiscountASP.NET
http://www.DiscountASP.NET
Written in PERL, the Santy Worm exploits a flaw in the file, viewtopic.php, allowing an SQL injection exploit. After the worm defaces the phpBB forum, it will apparently use Google to locate the viewtopic.php files of other forums.
For more information, see: http://www.securiteam.com/unixfocus/6J00O15BPS.html
The viewtopic.php security hole is fixed in phpBB v2.0.11 ( http://www.phpbb.com/downloads.php ). We urge any customer using phpBB to upgrade to the latest version.
DiscountASP.NET
http://www.DiscountASP.NET