1 posts by 1 authors in: Forums > Off Topic / Other
Last Post: December 22, 2004   (RSS)

By Luke - December 22, 2004

Hi everyone,

If any of you are running a forum using an older version of phpBB, please read the following.

Just the other day we received a support request that a customer's site had been defaced by a web worm. Doing more research, I've also read reports that other sites had been exploited by this same worm.

The worm, named Santy.a, spreads via phpBB by exploiting a vulnerability in older versions of the program. Using Google, the worm finds vulnerable websites that have phpBB installed. Once it gains control of the site, the worm replaces HTML, PHP, ASP, JSP, and SHTML pages with webpages that contain the words "NeverEverNoSanity WebWorm generation 1" or something similar.

There's an article on the problem that can be found here:
http://news.zdnet.com/2100-1009_22-5499725.html

If any of you are running an older version of phpBB, please upgrade phpBB as soon as you can. More information can be found at:
http://www.phpbb.com/phpBB/viewtopic.php?t=240636

I hope this helps.
Luke Holzken
Product Development