In the interest of not cross threading..
..I am just going to start a new thread.

My apologies Richard and linuxover, but if you follow this link in the article..

http://news.zdnet.com/2100-1009_22-5496086.html?tag=nl

It says the original flaw IS in PHP. This worm (worm? behaves more like a self-replicating trojan, but ok) simply targets phpBB forums. So one way or another, PHP did / does have a security vulnerability.

Now then, if I understand you correctly Richard, you are saying that phpBB (pre-version 2.0.11) made an incorrect call to the PHP highlight function? ..or was phpBB making a call to a PHP function that had (still has?) a security vulnerability?

The reason I would like to make a finite point of this is that phpBB ver. 2.0.11 has been out for quite some time, but this report says the PHP bug was discovered last week. The release date was November 18th. Here's the original release thread:

http://www.phpbb.com/phpBB/viewtopic.php?t=240636

Here are their comments on the Santy.A worm:

http://www.phpbb.com/phpBB/viewtopic.php?t=244451

At best, this particular ZDNet article is confusing, to say the least. I am guessing that phpBB knew that they were calling a PHP function with a security vulnerability some time ago, and PHP just announced the vulnerability last week. That makes the most sense.

At any rate, I would advise that Admins make sure that BOTH their PHP and their phpBB are as up to date as possible. This particular bug took advantage of an old version of phpBB to call the insecure function, but sure as night follows day, there are bound to be other systems and sites out there calling the same flawed function.

By the by, I have huge respect for Google. That said, shame on them for not cutting this short the moment it was discovered. I hope they do some serious soul searching and turn over the relevant records of who started this nonsense to the authorities. I suppose if nothing else, this will serve as a rather rude wake-up call to those Admins who haven't been keeping their software up to date.
Posted by: Crogon | Posted on: 12/22/04