Need Info on phpBB Vulnerability
by Sam Bacsa · in General Discussion · 11/16/2005 (10:29 pm) · 1 replies
EDIT - Nevermind, got it taken care of :D
__________________________________________
Hey all,
Just received a call from one of the admins I used to work in a NOC with in LA. Apparently there's some phpBB vulnerability going on that turns your server into a zombie synflooding machine, going on IRC and waiting for commands, then scans Google for more hosts to infect.
The SANS report is here.
He's asked me for help to resolve this issue (ie, uninfect the crap that's been infected thus far), but I have no idea... so if someone here on the GG forums can provide any insight into this, it'd be appreciated.
What I'd really like to have is the source code for this thing so that I can pass this info onto my buddy (and also secure my own systems). I have a feeling if safe mode is on, then you're immune to it (for obvious reasons), but as you know there are plenty of boards out on the web which aren't.
Even if I can't get the source, I'd really like to know how this damn thing works so I can help lock it down.
Thanks in advance!
- Sam
__________________________________________
Hey all,
Just received a call from one of the admins I used to work in a NOC with in LA. Apparently there's some phpBB vulnerability going on that turns your server into a zombie synflooding machine, going on IRC and waiting for commands, then scans Google for more hosts to infect.
The SANS report is here.
He's asked me for help to resolve this issue (ie, uninfect the crap that's been infected thus far), but I have no idea... so if someone here on the GG forums can provide any insight into this, it'd be appreciated.
What I'd really like to have is the source code for this thing so that I can pass this info onto my buddy (and also secure my own systems). I have a feeling if safe mode is on, then you're immune to it (for obvious reasons), but as you know there are plenty of boards out on the web which aren't.
Even if I can't get the source, I'd really like to know how this damn thing works so I can help lock it down.
Thanks in advance!
- Sam
About the author
Torque Owner Anders Jacobsen
Edit: Crap, missed the taken care of part ;D