Re: [Full-Disclosure] new phpBB worm affects 2.0.11
From: Andrew Farmer (andfarm_at_teknovis.com)
Date: 12/27/04
- Previous message: Nancy Kramer: "Re: [Full-Disclosure] Shoe 1.0 - Remote Lace Overflow"
- In reply to: Herman Sheremetyev: "[Full-Disclosure] new phpBB worm affects 2.0.11"
- Next in thread: Andrew Farmer: "Re: [Full-Disclosure] new phpBB worm affects 2.0.11"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: Herman Sheremetyev <herman@swebpage.com> Date: Sun, 26 Dec 2004 15:42:08 -0800
On 24 Dec 2004, at 14:06, Herman Sheremetyev wrote:
> My patched phpBB 2.0.11 running on FreeBSD 4.10 was exploited by a new
> variation of the worm this morning. I'm attaching the 2 perl scripts
> it installs, one is an irc bot the other the worm itself.
The worm code attached uses the same old 2.0.10 highlight
vulnerability. You probably hadn't patched all your phpBB installs
properly.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- application/pgp-signature attachment: This is a digitally signed message part
- Previous message: Nancy Kramer: "Re: [Full-Disclosure] Shoe 1.0 - Remote Lace Overflow"
- In reply to: Herman Sheremetyev: "[Full-Disclosure] new phpBB worm affects 2.0.11"
- Next in thread: Andrew Farmer: "Re: [Full-Disclosure] new phpBB worm affects 2.0.11"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
