Re: PHP Worm

To: ratdeath@bredband.net
Cc: debian-security@lists.debian.org
Subject: Re: PHP Worm
From: Florian Weimer <fw@deneb.enyo.de>
Date: Tue, 21 Dec 2004 21:29:01 +0100
Message-id: <[🔎] 87wtvbtmya.fsf@deneb.enyo.de>
In-reply-to: <[🔎] 41C87F35.2000703@bredband.net> (Dane Johansson's message of "Tue, 21 Dec 2004 20:53:25 +0100")
References: <[🔎] 41C87F35.2000703@bredband.net>

* Dane Johansson:

> I hope I am sending this to the right list :)
>
> Today I read about a new Networm, see more here:
> http://www.europe.f-secure.com/v-descs/santy_a.shtml
>
> I then proceed to check what phpbb.com has to say
> about this and I find this:
> http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=248046

AFAIK, the worm uses the viewtopic.php vulnerability which was
disclosed in November:

  <http://www.securiteam.com/unixfocus/6J00O15BPS.html>

I still lack a credible confirmation, though.

Reply to:

Follow-Ups:
- Re: PHP Worm
  - From: Jeroen van Wolffelaar <jeroen@wolffelaar.nl>

References:
- PHP Worm
  - From: Dane Johansson <ratdeath@bredband.net>

Prev by Date: Re: php vulnerabilities
Next by Date: Re: PHP Worm
Previous by thread: PHP Worm
Next by thread: Re: PHP Worm
Index(es):
- Date
- Thread