phpBB <= 2.0.10 vulnerability

carlswart · Unread post by **carlswart** » Wed Dec 22, 2004 2:33 am

There is a new worm exploiting the vulnerability in phpBB, as described in the URL below:
http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=240513

For more information on the worm see: http://vil.nai.com/vil/content/v_130471.htm

Is there an easy and realiable way to identify all phpBB installations on our servers? I suppose searching for viewtopic.php is a good start.

ART, will you be releasing an updated RPM for the phpBB application ?

carlswart · Unread post by **carlswart** » Wed Dec 22, 2004 5:03 am

I have posted a small Perl script to detect possible vulnerable phpBB installations. The script also enables a workaround.

Please see my phpBB page, located at the following URL: http://www.carlswart.co.za/phpbb/

Unread post by **scott** » Wed Dec 22, 2004 4:28 pm

Yeah, but its the holidays and I run grsec....sooo... it doesnt really effect me

I'll get to it soon though

Unread post by **scott** » Wed Dec 22, 2004 4:49 pm

Haha, apparently I went back in time and released phpBB 2.0.11 on December 1

Look in the app vault channel

carlswart · Unread post by **carlswart** » Wed Dec 22, 2004 11:57 pm

scott thank you so much!!!

I were asleep. I saw the post about the app-vault channel, but did not add it to my yum.conf. Sorry!

Unread post by **scott** » Thu Dec 23, 2004 12:43 am

heh, its OK. I forgot about it too