Webmaster Key - Discussion Forums
Home Help Search Calendar Login RegisterContact Us


Welcome, Guest. Please login or register.
Did you miss your activation email?
February 09, 2012, 03:48:36 AM

Login with username, password and session length
Welceome to Forums!

Important information for guests and new members:

In order to understand the full benefits of becoming an active member of this forum, please review the following information on guest and new member restrictions. These forum changes have been prompted by an overwhelming and unreasonable amount of bot postings and incoherent guest spam messages. We wish to prevent these events from happening in the future and make our community a more comfortable place for all of our members.

For guests:

Guests are not allowed to open new topics, polls, or posts attachments.
If you wish to open up new discussions on this forum, we encourage you to register.

For new members:

New members with less than five posts are not allowed to modify additional profile information such as avatars, contact information, biographies, and signatures. However, new members are encouraged to post their own topics or reply to topics initiated by other members. Become active on the forums and 5 posts should be an easy task!

We are a diverse community with members from all over the world. We encourage new ideas and interesting conversation. Do not be afraid to post webmaster/computer-related questions or problems, as our active members are always willing to help when they are able. Interested? Join us.

+ Webmaster Key Forums
|-+ General Discussion
| |-+ Cut Loose Saloon
| | |-+ Webmasters need to be cautious!		 0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Go Down Stumble Upon! Digg It! del.icio.us! Add to Technorati! ReddIt!  Send this topic Print
Author Topic: Webmasters need to be cautious!  (Read 1922 times)
Michael Guilfoyle-m6.net
Contributor
Full Member
***
Posts: 148


I'm a llama!


WWW
« on: December 22, 2004, 05:31:02 AM »
A NEW internet worm has launched a Google-powered assault on web bulletin boards that use the popular phpBB forum software.

Dubbed "Perl.Santy.A", or "Santy", the worm attacks web servers rather than desktop PCs, a warning posted online by Finnish internet security company F-Secure said.
The worm uses Google to search randomly for new hosts, F-Secure said.

There have been serious vulnerabilities found in the phpBB software in the past and this incident underlines the importance of all people keeping up to date with the latest security patches and fixes," anti-virus firm Sophos senior technology consultant Graham Cluley said

For more details read http://australianit.news.com.au/articles/0,7204,11759816%5e16123%5e%5enbv%5e,00.html

[edit]just make a link in the post clickable.[/edit]
« Last Edit: December 22, 2004, 07:19:46 AM by SensoVision » Report to moderator   Logged
Cheers,
Priyanka,
Windows web hosting with ASP,.NET,PHP,MySQL,Perl support
 We help you in making your dreams come true on net!
SensoVision
Administrator
Veteran
*****
Posts: 5 857


I'm proud user of Debian GNU/Linux OS


WWW
« Reply #1 on: December 22, 2004, 07:21:25 AM »
thanks Prianka! Hopefully it would help someone to avoid defacing and upgrade script before it happens.
BTW Heidi also post warning about this worm here:
http://forum.weblamp.net/index.php?topic=3553.0
Report to moderator   Logged
Denis
spherica
Key Keeper
Sr. Member
****
Posts: 277


Consultant


WWW
« Reply #2 on: December 22, 2004, 08:13:28 AM »
Here is the actual fix to stop this worm, you really should upgrade to phpbb version 2.0.11, but if you can't figure it out, at the VERY LEAST, make this change

Open viewtopic.php in any text editor. (I use TextPad, its free for trial)
Quote
//
// Was a highlight request part of the URI?
//
$highlight_match = $highlight = '';
if (isset($HTTP_GET_VARS['highlight']))
{
   // Split words and phrases
   $words = explode(' ', trim(htmlspecialchars(urldecode($HTTP_GET_VARS['highlight']))));

   for($i = 0; $i < sizeof($words); $i++)
   {
 

and replace with:
Quote


//
// Was a highlight request part of the URI?
//
$highlight_match = $highlight = '';
if (isset($HTTP_GET_VARS['highlight']))
{
   // Split words and phrases
   $words = explode(' ', trim(htmlspecialchars($HTTP_GET_VARS['highlight'])));

   for($i = 0; $i < sizeof($words); $i++)
   { 
Report to moderator   Logged
Regards
Seph B

Frequently Asked Directory | sphericom Directory | Rizzo's Info | spherinet
Pages: [1] Go Up Stumble Upon! Digg It! del.icio.us! Add to Technorati! ReddIt!  Send this topic Print 
+ Webmaster Key Forums
|-+ General Discussion
| |-+ Cut Loose Saloon
| | |-+ Webmasters need to be cautious!
Jump to:  
« previous next »

Our Partners
RelmaxTOP Ranking System Web Hosting RelmaxTOP Ranking System
Staff Sites
12Noon[12Noon Gallery] Andy[Urgentclick]
Tamuril[Tamuril's Digital Art Exhibit] Sensovision
Powered by MySQL Powered by PHP We are hosted by Relmax Inc. |Our Privacy Policy | Sitemap
Powered by SMF 1.1.9 | SMF © 2006-2009, Simple Machines LLC
Forum design by Tamuril © 2005. 		Valid XHTML 1.0! Valid CSS!