Phpbb worm
#1

http://www.pcworld.com/news/article/0,aid,119029,00.asp

#2

Yep, also http://seclists.org/lists/bugtraq/2004/Dec/0281.html

And while the worm targets phpbb, it's not clear that any other software written in php is not also vulnerable. The problem is in the function urldecode which is built-in to php.

BTW, the website defacing done by this specific worm would have been prevented on phpbb installs where the files belong to some user other than apache or whoever the webserver is running as. So the moral is NEVER to leave permissions on your file system writable by apache unless apache REALLY needs the write permission.

Since PHP is an open sore as far as security is concerned, I'm definitely going to check my own websites tonight to ensure that NONE of my files are owned by apache :) Everyone should do the same.
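The ownership check suggested in post #2 can be scripted. This is an added example, not code from the thread; the function name `audit_webroot` is hypothetical, and the web server account name (for example `apache`) is passed in as an argument. It covers classic owner/group/other mode bits only, not ACLs.

```shell
#!/bin/sh
# audit_webroot DIR WEBUSER
# Lists every path under DIR that the web server account could modify,
# one line per reason that applies:
#   OWNED <path>   owned by WEBUSER (the owner can always chmod and write)
#   GROUP <path>   group-writable, and the group is one WEBUSER belongs to
#   WORLD <path>   writable by "other", i.e. by any local account
# Symlinks are skipped: their mode bits are always rwxrwxrwx and mean nothing.
# Directories are included on purpose: write access to a directory allows
# replacing or deleting the files inside it.
audit_webroot() {
    dir=$1
    webuser=$2

    # Reason 1: ownership by the web server account.
    find "$dir" ! -type l -user "$webuser" -print | sed 's/^/OWNED /'

    # Reason 2: group write bit, for each numeric group id of the account.
    # If the account cannot be resolved, id prints nothing and the loop is skipped.
    for gid in $(id -G "$webuser" 2>/dev/null); do
        find "$dir" ! -type l -group "$gid" -perm -0020 -print | sed 's/^/GROUP /'
    done

    # Reason 3: world write bit.
    find "$dir" ! -type l -perm -0002 -print | sed 's/^/WORLD /'
}
```

Empty output means none of the three routes gives the account write access; any line is a path the web server process could have overwritten.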