<snip> I haven't fully researched it yet, but our domains were just hacked, and from the looks of it, the attack came in thru phpBB. This morning, around 9:00am, I upgraded our webserver to php v4.3.10 from v4.3.9 due to potential security risks, and at 11:30 it looks as if the attack started. By 11:48, all of the php pages, on all of our domains were replaced by one like this... http://john.nichel.net I don't know if this is a PHP problem or a phpBB problem as of yet, but I wanted to get the word out here so that y'all can take precautions if neccessary. I disabled the system() function on our box, and may need to take further action as I discover more. Below is what I believe to be the 'offensive' access from the Apache logs on the domain where the attack started. If you see something that I'm missing, please let the list know. </snip> http://news.zdnet.com/2100-1009_22-5499725.html regards, Jesse -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
