Avast WEBforum

Other => Viruses and worms => Topic started by: RejZoR on December 21, 2004, 06:28:33 PM

Title: Worm Sanity.A goes ITW
Post by: RejZoR on December 21, 2004, 06:28:33 PM

LINK:
http://www.europe.f-secure.com/weblog/

This worm is written in Perl. It's searching vulnerable forum sites via Google. When a suitable site is found, the worm uses a remote exploit to gain access to it, defaces it and restarts random scanning for new hosts.

There has been several serious holes in the phpBB software over the years. One was discussed in Netcraft just days ago.

We don't know how many phpBB sites there are in the world, but Google search for inurl:phpbb inurl:viewtopic gives over a million hits...

The first defacement we heard about happened today at around 15:00 GMT.

Official home page of phpBB does not mention this incident yet.

Title: Re:Worm Sanity.A goes ITW
Post by: watchthisspace on December 21, 2004, 10:58:18 PM

Does this mean the avast! forum is vulnerable?

Title: Re:Worm Sanity.A goes ITW
Post by: RejZoR on December 22, 2004, 07:15:43 AM

Nope,its not based on phpBB code. Its YabbSE