....
 

Guardian Digital Inc. > InfoCenter > Mailing List Archives > Full Disclosure

Full Disclosure Mailing List Archive

From: Andrew Farmer (andfarm@teknovis.com)
Date: Sun Dec 26 2004 - 18:40:08 EST


On 24 Dec 2004, at 14:06, Herman Sheremetyev wrote:
> My patched phpBB 2.0.11 running on FreeBSD 4.10 was exploited by a new
> variation of the worm this morning. I'm attaching the 2 perl scripts
> it installs, one is an irc bot the other the worm itself.

The worm code attached uses the same old 2.0.10 highlight
vulnerability. You probably hadn't patched all your phpBB installs
properly.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html




[ About Guardian Digital ] - [ Press Center ] - [ Contact Us ] - [ System Activation ] - [ Reseller Info ] - [ Online Store ] - [ Site Map ]
Copyright (c) 2000 - 2004 Guardian Digital, Inc. Linux Lockbox and EnGarde are Trademarks of Guardian Digital, Inc.