Found security expliot in port phpBB 2.0.8 FreeBSD4.10

Julian Elischer julian at elischer.org
Mon Dec 27 18:18:33 PST 2004



Jerry Bell wrote:

>The update for phpbb came out a while ago, and it looks like the ports
>were updated on 11/25/2004.  Have you tried updating the ports?  I think
>this is already addressed.
>
>On a side note, I'm suprised you didn't get hit by the worm (unless it
>happened before the worm came out).  There is a new worm out now that
>attacks some weak php programming, though it's not very widespread.  See
>http://www.syslog.org/Article10.phtml for a little more detail.
>
>I don't know if it's a worm or not, but I'm seeing people trying to attack
>my site pretty frequently lately.
>
>Best regards & happy holidays,
>
>Jerry
>http://www.syslog.org
>

might be a good idea if we "urged" users to update their phpbb  a bit 
more vocally.




More information about the freebsd-security mailing list