retep
12-22-2004, 02:26 AM
phpBB
Web sites (http://tinyurl.com/6jww8) [slashdot.org] are reporting a worm that exploits phpBB. If you are running phpBB on your server, or have a user that may have installed it on their site, you will need to check it is the latest 2.0.11 (http://www.phpbb.com/phpBB/viewtopic.php?t=244451) [phpbb.com] or patch it (http://www.phpbb.com/phpBB/viewtopic.php?t=240513) [phpbb.com].
Latest files can be found here: http://www.phpbb.com/downloads.php
If you are unable to install the newer version or cannot patch the server, then we will do it for you. Please submit a support ticket with your server IP and the directory you have installed phpBB.
PHP
There are also reported exploits for a PHP bug. Users with WBEL3 distros can run apt-get update; apt-get upgrade to pick up the fixed RPMs. Users of other distros may need to wait a while. e.g. it does not look like the Debian package fix has gone from unstable to testing yet.
Please recheck this page in the next few days! We will update it with any more information we obtain about these exploiits
Some Postscripts
PS1: Not been to the website lately? Check out some new (free) services we are offering (http://rimuhosting.com/news.jsp)
PS2: Do you have a friend or colleague that may need Linux server hosting? Please tell them about RimuHosting or put one of our 'hosted by RimuHosting' (http://rimuhosting.com/linktous.jsp) buttons on your web site. Referrals help us become a stronger hosting company, able to offer better service. Also, we pay a $15 hosting credit for everyone that signs up and mentions your name as the referral source.
PS3: It has been our pleasure hosting you all through 2004. We have been working hard to improve our features, our web site, our servers and support. We look forward to providing an even better service to you through 2005.
- Regards, Happy Holidays, and Secure Computing
Peter
Web sites (http://tinyurl.com/6jww8) [slashdot.org] are reporting a worm that exploits phpBB. If you are running phpBB on your server, or have a user that may have installed it on their site, you will need to check it is the latest 2.0.11 (http://www.phpbb.com/phpBB/viewtopic.php?t=244451) [phpbb.com] or patch it (http://www.phpbb.com/phpBB/viewtopic.php?t=240513) [phpbb.com].
Latest files can be found here: http://www.phpbb.com/downloads.php
If you are unable to install the newer version or cannot patch the server, then we will do it for you. Please submit a support ticket with your server IP and the directory you have installed phpBB.
PHP
There are also reported exploits for a PHP bug. Users with WBEL3 distros can run apt-get update; apt-get upgrade to pick up the fixed RPMs. Users of other distros may need to wait a while. e.g. it does not look like the Debian package fix has gone from unstable to testing yet.
Please recheck this page in the next few days! We will update it with any more information we obtain about these exploiits
Some Postscripts
PS1: Not been to the website lately? Check out some new (free) services we are offering (http://rimuhosting.com/news.jsp)
PS2: Do you have a friend or colleague that may need Linux server hosting? Please tell them about RimuHosting or put one of our 'hosted by RimuHosting' (http://rimuhosting.com/linktous.jsp) buttons on your web site. Referrals help us become a stronger hosting company, able to offer better service. Also, we pay a $15 hosting credit for everyone that signs up and mentions your name as the referral source.
PS3: It has been our pleasure hosting you all through 2004. We have been working hard to improve our features, our web site, our servers and support. We look forward to providing an even better service to you through 2005.
- Regards, Happy Holidays, and Secure Computing
Peter