Date: Mon, 27 Dec 2004 21:06:17 -0500 From: "Peter C. Lai" <sirmoo@cowbert.net> To: estover@nativenerds.com Cc: freebsd-security@freebsd.org Subject: Re: Found security expliot in port phpBB 2.0.8 FreeBSD4.10 Message-ID: <20041228020617.GK24545@cowbert.net> In-Reply-To: <34657.24.230.37.14.1104187002.squirrel@24.230.37.14> References: <34657.24.230.37.14.1104187002.squirrel@24.230.37.14>
next in thread | previous in thread | raw e-mail | index | archive | help
This was added to vuxml on dec 22 but the vulnerability was discovered on nov. 18. On Mon, Dec 27, 2004 at 03:36:42PM -0700, estover@nativenerds.com wrote: > I think, there is a neat exploit in the phpbb2.0.8 because I found my home > page defaced one dark morning. The patch for phpBB is here. > http://www.phpbb.com/downloads.php > > The excerpt of the log is attached. > > I believe the link to the described exploit is here. > http://secunia.com/advisories/13239 > > The defacement braggen page is here filter to show the exploited FreeBSD > machines that aneurysm.inc has defaced > http://www.zone-h.org/en/defacements/filter/filter_defacer=aneurysm.inc/filter_system=FreeBSD/page=1/ > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" -- Peter C. Lai University of Connecticut Dept. of Molecular and Cell Biology Yale University School of Medicine SenseLab | Research Assistant http://cowbert.2y.net/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041228020617.GK24545>