Re: [logs] FW: phpBB Worm

• Previous message: Phil Hollows: "[logs] [OT:Humor] Twas the night before Christmas, and all through the LAN no malware was stirring ..."
• In reply to: Jack Coates: "Re: [logs] FW: phpBB Worm"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Tue, 21 Dec 2004 16:46:33 -0800 Jack Coates <jack@private> wrote:

> Tina Bird wrote:
> > Hi list -- There's a new exploit hitting Web servers with PHP enabled.  The
> > 'sploit leaves clear signatures in Web server access logs; I've taken the
> > liberty of forwarding a message from another list that includes forensics.
> > 
> > cheers, merry winter holidays -- tbird

> Any risk to php systems without phpbb?

apparently not from the current worm, but the vulnerabilities are in php,
and you _should_ install the latest version of php4 or php5 to close them,
just in case another worm comes along that abuses something you have
installed.

richard
-- 
Richard Welty                                         rwelty@private
Averill Park Networking                                         518-573-7592
    Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security

_______________________________________________
LogAnalysis mailing list
LogAnalysis@private
http://lists.shmoo.com/mailman/listinfo/loganalysis

• Previous message: Phil Hollows: "[logs] [OT:Humor] Twas the night before Christmas, and all through the LAN no malware was stirring ..."
• In reply to: Jack Coates: "Re: [logs] FW: phpBB Worm"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Wed Dec 22 2004 - 16:53:10 PST