Mike wrote:
Hello all,
I have been hit twice now with the udp.pl exploit found in phpbb
I thought that upgrading to php 4.3.10 would stop this? Was I wrong?
yes you are wrong - I have no idea why you would think that other than blind
assumption. - phpBB is forum software writting in PHP.....
phpBB IS NOT *&^#%@*&^% PHP!!!!
the exploit is in phpBB and not in PHP. (like you said yourself).
in order to fix it you should go to the phpbb.com site a download the
latest version - actually I don't know if that will help - but I do know
that they have a topic on their forum which explains how to hack to source
code in order to 'fix' the problem, tghe problem is related to their
search term 'highlight' functionlality. (knowing that should help
you track down the fix)
rgds,
Jochem
Here is what it does...
" The attacker installed a UDP flood tool that ran for 2 hours before buzz
was blocked by Network Services. Remote shell programs were also uploaded
and run to give the attackers easier access to the webservers user account.
"
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
