[nycphp-talk] php bulletin boards
1j0lkq002 at sneakemail.com
Mon Jan 3 21:40:55 EST 2005
Jason N.Perkins jperkins-at-sneer.org |nyphp dev/internal group use| wrote:
> On Jan 3, 2005, at 4:58 PM, Steve Manes wrote:
>> Yury Rush wrote:
>>> Hi -- there was an exploit a few weeks ago that affected phpBB
>>> thousands were hacked via a worm that found phpBB sites using google's
>> That exploit is actually a bug in PHP's unserialize(), not PHPBB.
>> There are several exploits in 4.3.9 and 5.0.2:
> The Sanity phpBB worm used the phpBB Highlight Vulnerability which
> has nothing to do with the unserialize vulnerability. As (only)
> Derick Rethans could put it:
> "Everybody who thinks that the Santy.A worm uses one of the security
> problems addressed in PHP's latest bugfix releases is wrong. It was
> NOT due to any bug in PHP, but merely a badly checked input variable
> which was passed to preg with the /e modifier. Besides this, phpBB is
> also vulnarable for some of the things address by PHP's new
> releases. But they are wrong saying that it is not their fault.
> Not-checked usage of serialized data is still their problem. Short
> version: use FUDforum."
> Original link: <http://www.derickrethans.nl/month-2004-12.php?
> More info at:
> This isn't to chastise Steve - phpBB rushed with the story that it
> wasn't there fault.
> Jason N Perkins
I posted this on the 22nd of December, although it seemed like the
highlight patch was removed sometime ater it was originally posted to
phpBB website (?) :
Secunia Advisory 12/30/2004: "Almost every single branch of the Microsoft Windows operating system is vulnerable to several new vulnerabilities... no vendor solution is available for these vulnerabilities."
More information about the talk