Re: About phpbb vulnerability

• Previous message: Vincent: "Re: Unix jumpbox \ console"
• In reply to: Marc Soler: "About phpbb vulnerability"
• Next in thread: Anders Blockmar: "re: About phpbb vulnerability"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "Marc Soler" <msoler@el-valles.com>, <security-basics@securityfocus.com>
Date: Wed, 28 Jan 2004 16:59:36 -0600

Marc

in fact, if you are subscribed to the security-focus vulnearbilities
announces, you should by now had notice about the vulnerability found in
several packwages which use php.

upgrade ASAP

With Regards
Gabriel Orozco
Sysadmin

----- Original Message -----
From: "Marc Soler" <msoler@el-valles.com>
To: <security-basics@securityfocus.com>
Sent: Wednesday, January 28, 2004 12:38 PM
Subject: About phpbb vulnerability

> Hi all,
>
> Someone knows that it has been noticed some bug in phpbb that
> allows bad boys to upload file to the server when phpbb is installed?
> (Phpbb is a extended PHP-based board bulletin.)
>
> We have hack problems in our server and we suspect that is from php
scripts
> uploaded using some phpbb hole.
>
> I have googled about some known phpbb holes, but I haven't found
> anything about upload files vulnerability.
>
> Someone have information related?
>
> Thanks in advance.
>
> PS: Sorry about my no-native english
>
> --
> Marc Soler
>
>
>
> --------------------------------------------------------------------------
-
> Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any
> course! All of our class sizes are guaranteed to be 10 students or less.
> We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion
Prevention,
> and many other technical hands on courses.
> Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off
> any course!
> --------------------------------------------------------------------------

--
>
>
---------------------------------------------------------------------------
Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any 
course! All of our class sizes are guaranteed to be 10 students or less. 
We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, 
and many other technical hands on courses. 
Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off 
any course!  
----------------------------------------------------------------------------

• Previous message: Vincent: "Re: Unix jumpbox \ console"
• In reply to: Marc Soler: "About phpbb vulnerability"
• Next in thread: Anders Blockmar: "re: About phpbb vulnerability"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]