Full Disclosure mailing list archives
Re: new phpBB worm affects 2.0.11
From: Andrew Farmer <andfarm () teknovis com>
Date: Sun, 26 Dec 2004 15:40:08 -0800
On 24 Dec 2004, at 14:06, Herman Sheremetyev wrote:
My patched phpBB 2.0.11 running on FreeBSD 4.10 was exploited by a new variation of the worm this morning. I'm attaching the 2 perl scripts it installs, one is an irc bot the other the worm itself.
The worm code attached uses the same old 2.0.10 highlight vulnerability. You probably hadn't patched all your phpBB installs properly.
Attachment:
PGP.sig
Description: This is a digitally signed message part
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- new phpBB worm affects 2.0.11 Herman Sheremetyev (Dec 25)
- Re: new phpBB worm affects 2.0.11 Andrew Farmer (Dec 26)
- Re: new phpBB worm affects 2.0.11 ^^MAg^^ (Dec 27)
- Re: new phpBB worm affects 2.0.11 Andrew Farmer (Dec 27)
- <Possible follow-ups>
- Re: Re: new phpBB worm affects 2.0.11 Paul Laudanski (Dec 29)