Updates
Security risk with phpBB boards
-
Site Update: Security risk with phpBB boards
Posted on December 21, 2004
Written by
Vixx (view more by Vixx)
Comments (0)
Filed under General, Updates
Following personal experience of such an attack, I thought I’d quickly mention this here so that, hopefully, I can prevent anyone else from undergoing the same fate!
As you can read here and here, there’s currently a rampant worm that’s seeking and exploiting older versions of phpBB bulletin boards. Once its attacked, your will usually see the following message on all pages with .html and .php extensions:
This site is defaced!!!
NeverEverNoSanity WebWorm generation [xx].
(Please note that the generation number can vary.)
At the moment it’s still not clear whether or not this is a security problem with the board itself or if it’s with PHP version 4.3.9, but advice at the moment is to ensure that your board is running on the latest version 2.0.11 of PHPBB in order to try and minimise attack. I’d also suggest backing up your board and site just in case.
I would imagine that there are quite a number of people who read this who may use this BB, so I hope that someone finds this useful!
V xx
Comments
Comments are closed for this entry.
