phpBB Google thing?

Friday Dec 24th 2004

Enjoying the day off so I figured I’d write some stuph. :-)

Article: http://news.bbc.co.uk/1/hi/technology/4117711.stm

This one too: http://www.kaspersky.com/news?id=156681162

A few of my friends run phpBB boards. I myself have set a few up for other sites here and there. On December 22nd a “Santy” worm spread throughout the ‘net and started breaking into phpBB boards left and right via a Google search exploit (read articles above for more detailed explanation).

The 2.0.11 patch does not seem to fix the problem (yikes). Fortunately, Google themselves stopped the exploit so the exploit ceased, thankfully.

Although I really like the phpBB message board software, it seems a new exploit is found for it every other week. Or at least it seems like that.

I’ve been entertaining the idea of putting a board back, but it probably won’t be phpBB. There are just too many security problems that seems to pop up all the time.

And for friends of mine that I am supporting sites for right now: Yes I will patch your phpBB. There is a manual .htaccess code fix for it. I will be doing this today - not to worry. (grin)

[--edit--]

phpBB viewtopic patch and .htaccess patch applied. Boards are safe. For now. (grin)

[--one more edit--]

If you’re running a phpBB board on your site you really should update to 2.0.11, else you run the risk of having your board broken into. This is no joke.

[--and one more--]

Installed a “crash” board to test out phpBB stuph. You can post there if you want. Just don’t be a retard. (grin)

rss feed for this article's comments

comments and pings are closed for this article

« Needs more cowbellCocoa Christmas Memories »