Alert - Worm Defacing phpBB Forums

Discussion in 'Third-party applications' started by Takeshi Eto, Dec 23, 2004.

Thread Status:
Threads that have been inactive for 5 years or longer are closed to further replies. Please start a new thread.
  1. Takeshi Eto

    Takeshi Eto DiscountASP.NET Staff

    Thousands of phpBB forums are reported to have been defaced by the Santy Worm.

    Written in PERL, the Santy Worm exploits a flaw in the file, viewtopic.php, allowing an SQL injection exploit. After the worm defaces the phpBB forum, it will apparently use Google to locate the viewtopic.php files of other forums.

    For more information, see: http://www.securiteam.com/unixfocus/6J00O15BPS.html

    The viewtopic.php security hole is fixed in phpBB v2.0.11 ( http://www.phpbb.com/downloads.php ). We urge any customer using phpBB to upgrade to the latest version.

    DiscountASP.NET
    http://www.DiscountASP.NET
     
    Takeshi Eto, Dec 23, 2004
    #1
Thread Status:
Threads that have been inactive for 5 years or longer are closed to further replies. Please start a new thread.

Share This Page