My patched phpBB 2.0.11 running on FreeBSD 4.10 was exploited by a new variation of the worm this morning. I'm attaching the 2 perl scripts it installs, one is an irc bot the other the worm itself.
The worm code attached uses the same old 2.0.10 highlight vulnerability. You probably hadn't patched all your phpBB installs properly.
PGP.sig
Description: This is a digitally signed message part
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
