phpBB worm FUD

Dieren, the Netherlands

Friday, December 24th 2004, 12:07 CET

Everybody who thinks that the Santy.A worm uses one of the security problems addressed in PHP's latest bugfix releases is wrong. It was NOT due to any bug in PHP, but merely a badly checked input variable which was passed to preg with the /e modifier. Besides this, phpBB is also vulnarable for some of the things address by PHP's new releases. But they are wrong saying that it is not their fault. Not-checked usage of serialized data is still their problem. Short version: use FUDforum .

Shortlink

This article has a short URL available: http://drck.me/phpbb-worm-fud-3hp

Comments

No comments yet

Add Comment

Name:
Email:	Will not be posted. Please leave empty instead of filling in garbage though!
Comment:	Please follow the reStructured Text format. Do not use the comment form to report issues in software, use the relevant issue tracker. I will not answer them here.
	All comments are moderated

Life Line

And of course thus ties back to Brexit because we'll be poorer and will have less money for the NHS: https://t.co/fU04CTbkoi

50.80° N, 7.20° E — twitter — Aug 19th, 06:31 UTC
Stephen Hawking blames Tory politicians for damaging NHS: https://t.co/hqyb42ST3S

50.80° N, 7.20° E — twitter — Aug 19th, 06:25 UTC
I walked 8.4km in 1h19m55s

runkeeper — Aug 16th, 11:45 UTC
Saved from being destroyed for the Garden Bridge! https://t.co/nPyU2AH216

51.51° N, 0.12° W — twitter — Aug 15th, 16:37 UTC
New blog post: "New Date/Time Support in MongoDB": https://t.co/I61ejoT7uC

twitter — Aug 15th, 10:48 UTC
Regent's Park Lake

51.53° N, 0.16° W — flickr — Aug 15th, 09:10 UTC
I walked 17.4km in 2h50m31s

runkeeper — Aug 15th, 06:14 UTC
I walked 6.5km in 1h3m16s

runkeeper — Aug 14th, 11:41 UTC
I walked 9.0km in 1h41m19s

runkeeper — Aug 13th, 10:15 UTC
I walked 4.5km in 57m56s

runkeeper — Aug 12th, 10:17 UTC
I walked 12.5km in 2h8m40s

runkeeper — Aug 11th, 15:36 UTC
I walked 6.4km in 1h18m12s

runkeeper — Aug 10th, 09:32 UTC
Spend a while tracking down a bug. Cause: preg_replace with "e", which was silenced with @ operator. xdebug.scream=1 by default from 2.6!

twitter — Aug 9th, 10:13 UTC
I walked 7.5km in 1h4m48s

runkeeper — Aug 8th, 06:42 UTC
On the way to Bournemouth to give a talk on non-scalar data at @PHPDorset

51.50° N, 0.14° W — twitter — Aug 7th, 13:29 UTC
I walked 9.3km in 1h30m28s

runkeeper — Aug 7th, 11:22 UTC
Well done Dutchies! #nedden #weuro2017

twitter — Aug 6th, 16:55 UTC
I walked 3.7km in 39m34s

runkeeper — Aug 6th, 09:12 UTC
This is going to piss of EU citizens in the UK. Permanent residence card invalid after Brexit. #ExitFromBrexit https://t.co/eIFgACj189

51.53° N, 0.20° W — twitter — Aug 6th, 08:27 UTC
Whisky of the month: A 12yo Balmenach from Cadenhead's: https://t.co/UbET2sVS8p https://t.co/OmZSBeEvML

51.53° N, 0.20° W — twitter — Aug 5th, 21:38 UTC