Geeklog The Ultimate Weblog System
Friday, May 16 2008 @ 02:43 AM EDT
   

Offtopic: phpBB worm in the wild

Security

This isn't exactly Geeklog-related, but since quite a few sites seem to be running phpBB (with or without the phpBBBridge), I'd like to point out that there's a worm going around at the moment that exploits a bug in phpBB versions 2.0.10 and earlier.

This seems to be the first time (at least that I'm aware of) that an automatic exploit for a web application is in the wild. The worm uses Google to search for phpBB boards, infects them, and then continues to spread from there. Infected sites show the red text "NeverEverNoSanity WebWorm Generation" (followed by a number) on a black background. More information about the worm can be found in the usual places, e.g. Bugtraq.

So to all phpBB users out there: Upgrade to phpBB 2.0.11 ASAP.

Update: According to F-Secure, Google is now blocking the requests of the worm (dubbed "Santy"), which should stop it for now (until a new worm comes along that uses another search engine ...). It's still strongly recommended to update phpBB, of course.
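A defender-side check for the defacement text quoted above, as an added example that is not part of the original post or of any phpBB or Geeklog code: it walks a web root and reports files containing the "NeverEverNoSanity WebWorm Generation" marker together with the generation number. It goes one step beyond the post by also listing world-writable files, since those are what another compromised account on a shared server can overwrite. The function names, the 1 MiB read limit and the sample tree are assumptions constructed for the example.

```python
import os
import re
import stat
import tempfile

# Marker text quoted in the post; the trailing number is the worm "generation".
MARKER = re.compile(
    rb"NeverEverNoSanity\s+WebWorm\s+Generation(?:\s|<[^>]*>|:)*(\d+)?", re.I)
MAX_BYTES = 1 << 20  # assumption: defacement pages are small, read at most 1 MiB


def scan_docroot(root):
    """Return (defaced, writable): marker hits and world-writable regular files."""
    defaced, writable = [], []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)
                if not stat.S_ISREG(st.st_mode):
                    continue  # skip symlinks, sockets, devices
                if st.st_mode & stat.S_IWOTH:
                    writable.append(path)
                with open(path, "rb") as fh:
                    head = fh.read(MAX_BYTES)
            except OSError:
                continue  # unreadable file: nothing to report
            m = MARKER.search(head)
            if m:
                defaced.append((path, int(m.group(1)) if m.group(1) else None))
    return sorted(defaced), sorted(writable)


def demo():
    """Scan a constructed sample tree (file names and contents are made up)."""
    samples = {
        "index.php": (b"<?php echo 'hello'; ?>", 0o644),
        "forum/index.php": (
            b"<font color=red>NeverEverNoSanity WebWorm Generation 12</font>", 0o644),
        "forum/upload.html": (b"<html>ok</html>", 0o666),  # world-writable
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, (body, mode) in samples.items():
            path = os.path.join(root, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as fh:
                fh.write(body)
            os.chmod(path, mode)  # set explicitly so the umask does not matter
        defaced, writable = scan_docroot(root)
        return ([(os.path.relpath(p, root), g) for p, g in defaced],
                [os.path.relpath(p, root) for p in writable])
```

Call `scan_docroot("/path/to/webroot")` against a real document root; a non-empty first list means files were overwritten and need restoring from backup after upgrading.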


Offtopic: phpBB worm in the wild | 3 comments
The following comments are owned by whomever posted them. This site is not responsible for what they say.
Offtopic: phpBB worm in the wild
Authored by: RickW on Wednesday, December 22 2004 @ 08:45 AM EST
I posted information about this worm at http://www.antisource.com/article.php/20041221112101615 as well.

---
www.antisource.com

Offtopic: phpBB worm in the wild
Authored by: Agent X20 on Wednesday, December 22 2004 @ 04:08 PM EST
I got hit - but I'm running phpBB 2.0.11! What seems to have happened is that another site on the server running an old version of phpBB got hit and I had a few files not quite locked down permission-wise and they got clobbered as well. Not good!

Offtopic: phpBB worm in the wild
Authored by: Turias on Wednesday, December 22 2004 @ 05:20 PM EST
Versions 0.75 and higher of the phpBBBridge all use phpBB 2.0.11, so if you are using one of those versions, you should be ok. If you are not, I would recommend upgrading immediately.