Date: Mon, 27 Dec 2004 21:06:17 -0500
From: "Peter C. Lai"
To: estover@nativenerds.com
Cc: freebsd-security@freebsd.org
Subject: Re: Found security expliot in port phpBB 2.0.8 FreeBSD4.10
Message-ID: <20041228020617.GK24545@cowbert.net>
In-Reply-To: <34657.24.230.37.14.1104187002.squirrel@24.230.37.14>
References: <34657.24.230.37.14.1104187002.squirrel@24.230.37.14>

This was added to VuXML on Dec 22 but the vulnerability was discovered on
Nov. 18.

On Mon, Dec 27, 2004 at 03:36:42PM -0700, estover@nativenerds.com wrote:
> I think there is a neat exploit in the phpbb2.0.8 because I found my home
> page defaced one dark morning. The patch for phpBB is here.
> http://www.phpbb.com/downloads.php
>
> The excerpt of the log is attached.
>
> I believe the link to the described exploit is here.
> http://secunia.com/advisories/13239
>
> The defacement braggen page is here filter to show the exploited FreeBSD
> machines that aneurysm.inc has defaced
> http://www.zone-h.org/en/defacements/filter/filter_defacer=aneurysm.inc/filter_system=FreeBSD/page=1/

-- 
Peter C. Lai
University of Connecticut
Dept. of Molecular and Cell Biology
Yale University School of Medicine
SenseLab | Research Assistant
http://cowbert.2y.net/