phpBB worm FUD

Friday, December 24th 2004, 12:07 CET

Dieren, The Netherlands

Everybody who thinks that the Santy.A worm uses one of the security problems addressed in PHP's latest bugfix releases is wrong. It was NOT due to any bug in PHP, but merely a badly checked input variable which was passed to preg with the /e modifier. Besides this, phpBB is also vulnarable for some of the things address by PHP's new releases. But they are wrong saying that it is not their fault. Not-checked usage of serialized data is still their problem. Short version: use FUDforum .

Become a Patron!

Shortlink

This article has a short URL available: https://drck.me/phpbb-worm-fud-3hp

Comments

No comments yet

Add Comment

Name:
Email:	Will not be posted. Please leave empty instead of filling in garbage though!
Comment:	Please follow the reStructured Text format. Do not use the comment form to report issues in software, use the relevant issue tracker. I will not answer them here.
	All comments are moderated

Become a Patron!

My Amazon wishlist can be found here.

Human-Made Webring
previous | random | next

Life Line

Created 6 benches, a main entrance, and a bicycle_parking; Updated 2 main entrances

51.53° N, 0.19° W — osm — Jun 16th, 13:27 UTC
Created 4 trees, a balancebeam, and 3 other objects; Updated 5 benches and 2 waste_baskets

51.53° N, 0.19° W — osm — Jun 16th, 13:09 UTC
Merge branch 'xdebug_3_5'

github:xdebug/xdebug — Jun 16th, 08:18 UTC
Merged pull request #1092

github:xdebug/xdebug — Jun 16th, 08:18 UTC
Use actual PID here, as we use that to be able to connect

github:xdebug/xdebug — Jun 15th, 23:32 UTC
Created 2 main entrances; Updated a vacant shop, a furniture shop, and a cafe; Confirmed an estate_agent office, a laundry shop, and 4 other objects

51.53° N, 0.18° W — osm — Jun 15th, 14:11 UTC
Merged pull request #1091

github:xdebug/xdebug — Jun 15th, 09:58 UTC
PHP 8.6: Fixed test expectation for 'debugInfo' name in error

github:xdebug/xdebug — Jun 15th, 09:07 UTC
Add 'strace' to run-xdebug-tests.php command

github:xdebug/xdebug — Jun 15th, 09:06 UTC
Oystercatcher Parent and Chick
Standing on the edge of a lake in the Arundel Wetlands.
#birds #birdPhotography #Birdsoffediverse #Photography #Nature #Wildlife

mastodon — Jun 14th, 16:41 UTC
Updated 2 main entrances

51.53° N, 0.19° W — osm — Jun 14th, 11:27 UTC
Fixed tagging and bollard location

51.51° N, 0.14° W — osm — Jun 14th, 10:47 UTC
I hiked 8.7km in 4h4m28s

runkeeper — Jun 13th, 09:44 UTC
Updated a restaurant

51.52° N, 0.16° W — osm — Jun 12th, 19:01 UTC
Updated a restaurant

51.52° N, 0.16° W — osm — Jun 12th, 19:00 UTC
Updated a restaurant

51.52° N, 0.16° W — osm — Jun 12th, 18:59 UTC
I walked 5.5km in 56m26s

runkeeper — Jun 12th, 17:04 UTC
Created an entrance

51.53° N, 0.19° W — osm — Jun 12th, 13:26 UTC
I walked 5.7km in 1h20m50s

runkeeper — Jun 12th, 11:51 UTC
Updated a fitness_centre; Confirmed a charging_station

51.53° N, 0.20° W — osm — Jun 11th, 22:59 UTC
I walked 4.0km in 47m13s

runkeeper — Jun 11th, 09:26 UTC
I walked 1.1km in 9m32s

runkeeper — Jun 11th, 08:12 UTC
Also, whatnow‽
`GET /icons/blank.gif HTTP/1.1" 200 398 "https://downloads.php.net/~windows/pecl/releases/?utm_source=chatgpt.com`
WTF does that need an `utm_source` for?

mastodon — Jun 10th, 17:45 UTC
I sometimes wish cache expiries could be fuzzy, like 900±15 seconds. Y'know, to prevent the thundering herd effect.
#php #sysadmin

mastodon — Jun 10th, 17:43 UTC
Created a chemist shop

51.54° N, 0.19° W — osm — Jun 10th, 12:39 UTC