FYI [Fwd: Re: PHP Worm]
hanasaki
hanasaki at hanaden.com
Tue Dec 21 14:34:58 CST 2004
-------- Original Message --------
Subject: Re: PHP Worm
Resent-Date: Tue, 21 Dec 2004 14:29:07 -0600 (CST)
Resent-From: debian-security at lists.debian.org
Date: Tue, 21 Dec 2004 21:29:01 +0100
From: Florian Weimer <fw at deneb.enyo.de>
To: ratdeath at bredband.net
CC: debian-security at lists.debian.org
References: <41C87F35.2000703 at bredband.net>
* Dane Johansson:
> I hope I am sending this to the right list :)
>
> Today I read about a new Networm, see more here:
> http://www.europe.f-secure.com/v-descs/santy_a.shtml
>
> I then proceed to check what phpbb.com has to say
> about this and I find this:
> http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=248046
AFAIK, the worm uses the viewtopic.php vulnerability which was
disclosed in November:
<http://www.securiteam.com/unixfocus/6J00O15BPS.html>
I still lack a credible confirmation, though.
More information about the Kclug
mailing list