FAO: Petrucci
#1
Hi Pet,
I work in computing and just wanted to make you aware of the below problem, which could cause PF to be defaced, as per a few other sites recently. I notice we are running on version 2.0.6 phpBB, and people within our company have been urged to upgrade to version 2.0.11. Please see below for more info.
(You may already be aware of this, but just thought I'd let you know!!)
Cheers
phpBB
-----
If you are running phpBB please make sure that you have upgraded to
version 2.0.11 (released in November)
A worm (Sanity, Santy) taking advantage of the 'highlight' vulnerability
found in phpBB version 2.0.10 and earlier has been defacing websites. It uploads and executes a perl script. Please
check your website.
While the current version of the worm is believed to have been stopped by
Google blocking the initial search requests from the worm it is likely, as
the source code has been released, that variants will be seen that use
different methods.
See reports on:-
http://isc.sans.org/diary.php?date=2...a32bc3ee3d5ba2
http://www.viruslist.com/en/weblog
http://www.f-secure.com/weblog/
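Added example, not part of the original post or the quoted advisory: one way to act on "Please check your website" is to scan web-server access logs for requests whose `highlight` parameter carries characters a search-term highlight would not need. The log lines, the allowlist of "normal" characters and the function names are constructed assumptions for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Request field of a combined-format access log line: "METHOD target PROTOCOL"
REQUEST_RE = re.compile(r'^(?P<ip>\S+) .*?"(?:GET|POST|HEAD) (?P<target>\S+) HTTP/[\d.]+"')

# Assumption: a legitimate highlight value is made of search words only
# (letters, digits, whitespace and a few joiners). Anything else gets flagged.
SAFE_VALUE = re.compile(r"[\w\s+*\-]*")
MAX_DECODE_ROUNDS = 3


def fully_decode(value):
    """Percent-decode repeatedly so nested encoding cannot hide characters."""
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def suspicious_highlight(line):
    """Return (client_ip, decoded_value) for an unusual highlight value, else None."""
    m = REQUEST_RE.match(line)
    if not m:
        return None
    query = urlsplit(m.group("target")).query
    for key, value in parse_qsl(query, keep_blank_values=True):
        if key == "highlight":
            decoded = fully_decode(value)  # parse_qsl already decoded once
            if not SAFE_VALUE.fullmatch(decoded):
                return m.group("ip"), decoded
    return None


def scan(lines):
    """Collect every flagged request from an iterable of log lines."""
    return [hit for hit in map(suspicious_highlight, lines) if hit]


# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [21/Dec/2004:10:00:00 +0000] "GET /forum/viewtopic.php?t=123&highlight=turbo+boost HTTP/1.1" 200 5120',
    '198.51.100.7 - - [21/Dec/2004:10:00:05 +0000] "GET /forum/viewtopic.php?t=123&highlight=%2527x%2527 HTTP/1.0" 200 5120',
    '192.0.2.10 - - [21/Dec/2004:10:00:09 +0000] "GET /forum/index.php HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for ip, value in scan(SAMPLE_LOG):
        print(f"{ip} sent unusual highlight value: {value!r}")
```

A hit only means the request deserves a look; whether it succeeded depends on the installed version and on what else the logs and file system show.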
#6
Originally Posted by adamS2RST
OK,
Good to hear... I just wondered why we are still running
Powered by phpBB 2.0.6 © 2001, 2002 phpBB Group
If you look at the various features we have, you will quickly realise that this forum is very, very far from most PHP programs and is personally coded by Pet, including any security updates rewritten BY HAND instead of by PHPBB scripts that may overwrite our unique features. Thus the 2.0.6 means nothing really, and it also serves as a security feature by not informing hackers exactly what version of software we have.
Hope this helps?
#10
lol @ chip-3door
I may not use the right words every time mate, I'm not English, remember.
As long as you understand what I mean (AFAIK, a keyboard is used with hands too, no?)
adam, read the topic link I sent, you will understand precisely what I mean.
#14
There you go again for those wondering
The 2.0.6 is there because it's the version of PHPBB that was the newest when we launched PF. So that's the initial build... from which I started to recode almost everything and upgrade flaws, features, etc etc.
I work every day on our code, I don't wait for PHPBB upgrades
Originally Posted by Petrucci
Thanks pal. Just wanted to make clear that as an ISP, I'm aware of security flaws a bit before they are spread all over the world's ears, and I'm always there to rewrite and change lots of code lines in our software to protect and improve us.
As it has been stated before, almost 80% of this PHPBB has been rewritten by my hands, so don't bother about the written version down the page, which is there for copyright purposes. OUR passionford is VERY far from a standard PHPBB release, and often rather very far ahead in fact.