Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Incidents
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Worm hitting PHPbb2 Forums

from [Barrie Dempster] Network Security [Permanent Link]
Subject: Re: Worm hitting PHPbb2 Forums
Date: Tue, 21 Dec 2004 21:00:04 +0000 
On Tue, 2004-12-21 at 12:21 -0700, lists wrote:

Yea good catch, after looking into it a little further I found that it
wasn't related to that advisory, but rather to one from 11.13.04, the
exploit code of the original bug can be found on k-otik.com

Thanks for the info


More information:

Mis-reported and then corrected at the ISC -
http://isc.sans.org/diary.php?date=2004-12-21 

* The advisory is here - htp://howdark.com/ 
(it was there when the advisory was initially released but that site
seems down atm, included here in hope that howdark.com resurfaces)

* The fix is here - http://www.phpbb.com/phpBB/viewtopic.php?t=240513

* The exploit is here - http://www.howdark.com/poc/phpbb2010_hl.phps
(down as above, but included here as it was the original source, try
here http://www.k-otik.com/exploits/20041122.r57phpbb2010.pl.php )

* SNORT Rule is here - http://www.webservertalk.com/message554529.html

* If you got owned by this then your Christmas present is here
http://ysati.com hehe ;-P

With Regards..
Barrie Dempster (zeedo) - Fortiter et Strenue

  http://www.bsrf.org.uk

[ gpg --recv-keys --keyserver www.keyserver.net 0x96025FD0 ]

Attachment: signature.asc
Description: This is a digitally signed message part

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Worm hitting PHPbb2 Forums, lists
Next by Date:  Re: Worm hitting PHPbb2 Forums, lists
Previous by Thread:  Re: Worm hitting PHPbb2 Forums, lists
Next by Thread:  RE: Worm hitting PHPbb2 Forums, Christopher Adickes
Indexes:  [Date] [Thread] [Top] [All Lists]