View Full Version : Santy:A worm - how vulnerable are we?
23rd December 2004, 04:33 PM
Recently a "worm" was discovered that used the Google search engine (along with others) to find certain vulnerable pHp:BB sites and then insinuated its way in and "defaced" the website. There are a couple of boards that I use that have been so infected. One of them has features similar to this board. Yet, I noticed that this board was not affected.
From what I have read pHpBB software is an "open source" software maintained by the pHpBB group. Just how vulnerable is a Linux system to something like this. Can it infect Linux servers? How about standalone Linux systems like home computers?
23rd December 2004, 04:51 PM
This board is vBulletin, not pHp:BB so, I think we are safe.
Anyway, Google is all over it (http://www.pcworld.com/news/article/0,aid,119029,00.asp).
23rd December 2004, 09:58 PM
Perhaps php updates help fix the vulnerability?
Even if you had a vulnerable phpBB, you would have to have permissions on your site that allowed it to be overwritten.
23rd December 2004, 10:11 PM
Ah permissions, you gotta love em sometimes.
24th December 2004, 12:37 AM
Ahhh .... this is nice to know.
I love Linux. !!!!! :)
25th December 2004, 09:31 AM
Ahh read my post:
Anyboard using some form of PHP will get zap.
Permission not a factor in this case as some boxes get rooted and bye bye all html,htm,php files.
In my post even my adult sites that i host for some peeps were wipe out all because of a forum running on same site.
Now this week there are several exploits for PHP alone better get PHP 4.3.10 and if using PHPBB better get latest version cause if you only update one or the other YOU WILL GET ZAP!!
I lost 60 boxes.......
vBulletin® v3.8.7, Copyright ©2000-2013, vBulletin Solutions, Inc.