| reply to dualsmp
Re: WebWorm generation 14? Cert link to the problem »www.us-cert.gov/cas/techalerts/T···56A.html
quote:
phpBB is an open-source bulletin board application. It fails to properly perform an urldecode() on the "highlight" parameter supplied to viewtopic.php. This may allow a remote attacker to execute arbitrary commands on a vulnerable server.
According to reports, this vulnerability is being actively exploited by the Santy.A worm. The worm appears to propogate by searching for the keyword "viewtopic.php" in order to find vulnerable sites.
--
My family site |
|
| Santy Worm, I'm getting this on virtual servers where I'm not running PHP or phpbb can it infect other accounts? |
|
