Travis R.
Niels Voll wrote:
according to heise.de (in German only: http://www.heise.de/newsticker/meldung/56124), the problem might be:
AWStats Remote Command Execution Vulnerability:
http://www.idefense.com/application/poi/display?id=185&type=vulnerabilities&flashstatus=true
This is very important to note: software can be attacked, even if it doesn't directly interact with the user of a server.
Log files are a classic for this. Could range from buffer overflow attacks to injection type of attacks.
Take it with a grain of salt, if this is really the phpBB problem (although heise.de sometimes gets really good inside scoops).
But in any case, it is true that log processing software is an attack vector, which therefore needs to be patched just as religiously as web server software.
...Niels
Travis R. wrote:
http://www.phpbb.com/
From the site:
Last updated: 7th February 2005, 15:50 GMT
At present www.phpbb.com is offline due to a group of politically motivated hackers wishing to use an opensource project to push their agenda ... shame on them.
I will take this opportunity to note that given currently available
information this hacking episode does not appear to be due to phpBB
itself. Instead a third party application looks to have been the problem.
Other sites were attacked at the same time as www.phpbb.com by the same
group displaying the same information and in these cases the same third
party application has been suggested as the common factor (thus far).
Equally we are not aware of any other phpBB boards being attacked and we
have not been notified of any valid security issues recently. Obviously we
will have more details when we've reviewed just what happened.
Please do not ask us for updates as to the situation, its cause, etc. We are not holding anything back, we simply cannot comment at this time without having further information ourselves. Just as soon as we have a clearer picture, which depending on the condition of our server may be impossible to obtain, we will update the community. At present our #phpbb support channel is being swamped with "What happened? Any news?" style questions which are making it extremely difficult to support users with real issues.
We are working to recover the server. At best we may be back online Tuesday 8th February but more likely later that week. Meanwhile users can visit our development board, area51.phpbb.com where they can receive support for phpBB 2.0.x. Of course you can also view the next version of phpBB, 3.0 "Olympus" in the process (minus the new style of course!)
We are also maintaining our IRC support channel, #phpbb on the irc.freenode.net network
We apologise for any problems this may cause our userbase. We obviously take the huge support our community gives phpBB very seriously. And we will do our best to return to "normal operations" just as soon as we can.
psoTFX - phpBB Group
_______________________________________________ clug-talk mailing list [email protected] http://clug.ca/mailman/listinfo/clug-talk_clug.ca Mailing List Guidelines (http://clug.ca/ml_guidelines.php) **Please remove these lines when replying

