Virus.Org IT Security News and Information Portal. We offer the latest IT security news, updates, product reviews, books, and articles for all you IT security professionals out there. Enter and get the best IT security information on the Internet.

 
. Welcome to the Virus.Org Mailing List Archive  
.
.


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]


Re: [Full-Disclosure] new phpBB worm affects 2.0.11
.

  • To: Herman Sheremetyev <[EMAIL PROTECTED]>
  • Subject: Re: [Full-Disclosure] new phpBB worm affects 2.0.11
  • From: Andrew Farmer <[EMAIL PROTECTED]>
  • Date: Sun, 26 Dec 2004 15:40:08 -0800
  • Cc: [EMAIL PROTECTED], [EMAIL PROTECTED]
  • In-reply-to: <[EMAIL PROTECTED]>
  • References: <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>
  • Sender: [EMAIL PROTECTED]
.
 
On 24 Dec 2004, at 14:06, Herman Sheremetyev wrote:
My patched phpBB 2.0.11 running on FreeBSD 4.10 was exploited by a new variation of the worm this morning. I'm attaching the 2 perl scripts it installs, one is an irc bot the other the worm itself.
The worm code attached uses the same old 2.0.10 highlight vulnerability. You probably hadn't patched all your phpBB installs properly.

Attachment: PGP.sig
Description: This is a digitally signed message part

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
 
.
.
 
Copyright (c) Virus.Org 1997-2006.
All Trademarks Acknowledged.
Please view our Terms and Conditions and our Privacy Policy.