phpBB worm FUD

Dieren, the Netherlands

Friday, December 24th 2004, 12:07 CET

Everybody who thinks that the Santy.A worm uses one of the security problems addressed in PHP's latest bugfix releases is wrong. It was NOT due to any bug in PHP, but merely a badly checked input variable which was passed to preg with the /e modifier. Besides this, phpBB is also vulnarable for some of the things address by PHP's new releases. But they are wrong saying that it is not their fault. Not-checked usage of serialized data is still their problem. Short version: use FUDforum .

Shortlink

This article has a short URL available: http://drck.me/phpbb-worm-fud-3hp

Comments

No comments yet

Add Comment

Name:
Email:	Will not be posted. Please leave empty instead of filling in garbage though!
Comment:	Please follow the reStructured Text format. Do not use the comment form to report issues in software, use the relevant issue tracker. I will not answer them here.
	All comments are moderated

Life Line

I walked 17.6km in 2h45m21s

runkeeper — Jun 19th, 06:17 UTC
I walked 9.0km in 1h28m31s

runkeeper — Jun 18th, 15:19 UTC
In other words, @PhilipHammondUK is being thrown under the bus. https://t.co/JYOCFEE8ei

twitter — Jun 18th, 08:17 UTC
I walked 15.7km in 2h28m44s

runkeeper — Jun 17th, 08:14 UTC
I walked 10.9km in 1h39m32s

runkeeper — Jun 16th, 13:34 UTC
Merge pull request #851

github:derickr/mongo-php-driver — Jun 15th, 23:08 UTC
Test suite compatibility with server 4.0.0-rc5

github:derickr/mongo-php-driver — Jun 15th, 20:47 UTC
I walked 18.3km in 2h52m28s

runkeeper — Jun 15th, 11:03 UTC
Hey @phpsw, what's that lapel mike you're using again?

51.53° N, 0.20° W — twitter — Jun 14th, 21:47 UTC
Confused people and a camera crew when the Beatles Stripes are repainted @Abbey Road Crossing

51.53° N, 0.18° W — foursquare — Jun 14th, 16:48 UTC
I walked 14.9km in 2h20m54s

runkeeper — Jun 14th, 06:48 UTC
It was great speaking at @phpsw tonight. Even managed to sneak in a slide or two on @MongoDB 's date/time support.… https://t.co/jtY5zwry6U

51.46° N, 2.58° W — twitter — Jun 13th, 22:34 UTC
Next office: A boat! @ @AppleCiderCo #phpsw https://t.co/M83eQlV4N4

51.45° N, 2.59° W — twitter — Jun 13th, 15:51 UTC
Office for the afternoon. #phpsw https://t.co/rhyssfeavs

51.47° N, 0.88° W — twitter — Jun 13th, 13:22 UTC
On my way to Bristol for @phpsw to talk about PHP extensions

51.53° N, 0.22° W — twitter — Jun 13th, 11:58 UTC
I walked 12.1km in 1h56m00s

runkeeper — Jun 13th, 10:23 UTC
I walked 1.3km in 13m36s

runkeeper — Jun 12th, 16:06 UTC
Merge branch 'xdebug_2_6'

github:xdebug/xdebug — Jun 12th, 12:44 UTC
Merged pull request #422

github:xdebug/xdebug — Jun 12th, 12:44 UTC
Fixed issue #1557: Remove 'return' in void xdebug_build_fname

github:xdebug/xdebug — Jun 12th, 10:53 UTC