Found security exploit in port phpBB 2.0.8 FreeBSD4.10

Jerry Bell jerry at syslog.org
Mon Dec 27 17:28:21 PST 2004


The update for phpbb came out a while ago, and it looks like the ports
were updated on 11/25/2004.  Have you tried updating the ports?  I think
this is already addressed.

On a side note, I'm surprised you didn't get hit by the worm (unless it
happened before the worm came out).  There is a new worm out now that
attacks some weak php programming, though it's not very widespread.  See
http://www.syslog.org/Article10.phtml for a little more detail.

I don't know if it's a worm or not, but I'm seeing people trying to attack
my site pretty frequently lately.

Best regards & happy holidays,

Jerry
http://www.syslog.org

> I think there is a neat exploit in the phpbb2.0.8 because I found my home
> page defaced one dark morning. The patch for phpBB is here.
> http://www.phpbb.com/downloads.php
>
> The excerpt of the log is attached.
>
> I believe the link to the described exploit is here.
> http://secunia.com/advisories/13239
>
> The defacement bragging page is here, filtered to show the exploited FreeBSD
> machines that aneurysm.inc has defaced
> http://www.zone-h.org/en/defacements/filter/filter_defacer=aneurysm.inc/filter_system=FreeBSD/page=1/




More information about the freebsd-security mailing list