
New virus hits discussion forums


Gi0


The virus is out of control...

At least 40,000 forums around the world have been damaged.

We were shut down as a precaution, along with all the phpBB forums on our server, because there were incredible slowdowns after multiple DoS attacks on phpBB boards running older versions. Now I'm trying to get in touch with the host to have us unblocked, since we're on 2.0.11 and don't have the problem...

insomnia is on 2.0.6, I think; upgrading to phpBB 2.0.11 looks essential...

 

 

Technical Cyber Security Alert TA04-356A

Exploitation of phpBB highlight parameter vulnerability

 

Original release date: December 21, 2004

Last revised: --

Source: US-CERT

 

Systems Affected

 

phpBB versions 2.0.10 and prior

 

Overview

 

The software phpBB contains an input validation problem in how it processes a parameter contained in URLs. An intruder can deface a phpBB website, execute arbitrary commands, or gain administrative privileges on a compromised bulletin board.

 

I. Description

 

phpBB is an open-source bulletin board application. It fails to properly perform an urldecode() on the "highlight" parameter supplied to viewtopic.php. This may allow a remote attacker to execute arbitrary commands on a vulnerable server.

 

According to reports, this vulnerability is being actively exploited by the Santy.A worm. The worm appears to propagate by searching for the keyword "viewtopic.php" in order to find vulnerable sites.

 

The worm writes itself to a file named "m1ho2of" on the compromised system. It then overwrites files ending with .htm, .php, .asp, .shtm, .jsp, and .phtm, replacing them with HTML content that defaces the web page. The worm then tries to use PERL to execute itself on the compromised system and propagate further.

US-CERT is tracking this issue as:

 

VU#497400 - phpBB viewtopic.php fails to properly sanitize input passed to the "highlight" parameter

 

II. Impact

 

A remote attacker may be able to deface a phpBB website and execute arbitrary commands on a compromised bulletin board.

 

III. Solution

 

Upgrade phpBB

 

Upgrade to phpBB version 2.0.11 to prevent exploitation.

 

Appendix A. References

 

* US-CERT Vulnerability Note VU#497400 - <http://www.kb.cert.org/vuls/id/497400>

* phpBB Downloads - <http://www.phpbb.com/downloads.php>

* phpBB Announcement - <http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=240636>

* Symantec Security Response - Perl.Santy - <http://securityresponse.symantec.com/avcenter/venc/data/perl.santy>

* McAfee - Computer Virus Software and Internet Security - <http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=>

_________________________________________________________________

 

This vulnerability was reported by the phpBB Development Team.

_________________________________________________________________

 

Feedback can be directed to the authors: Jeffrey Gennari and Jason Rafail

_________________________________________________________________

 

This document is available from:

 

<http://www.us-cert.gov/cas/techalerts/TA04-356A.html>

 

_________________________________________________________________

 

Copyright 2004 Carnegie Mellon University.

 

Terms of use: <http://www.us-cert.gov/legal.html>
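The advisory above pins the defect to a missing urldecode() on the "highlight" parameter of viewtopic.php, names the worm's drop file "m1ho2of", and gives 2.0.11 as the fixed version. As an added example (not part of the original post, and not US-CERT's or phpBB's own tooling), the Python below runs the defender-side checks a board operator could apply from that information: it scans Apache combined-format log lines for viewtopic.php requests whose highlight value is still percent-encoded after one decode or contains characters unexpected in a search term, looks for the drop file name in a list of paths, and compares an installed version string against 2.0.11. The log format, the sample lines, the heuristics and every function name here are this example's assumptions.

```python
"""Defender-side checks for the phpBB "highlight" issue described in TA04-356A.

Added example. The sample log lines are constructed, the Apache combined log
format is assumed, and the suspicious-value heuristics are this example's own,
not phpBB's or US-CERT's detection logic.
"""
import os
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Assumed Apache combined log format for the constructed samples below.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# A highlight value is a list of search words; letters, digits, whitespace,
# '+' and '-' are the only characters this heuristic treats as expected.
BENIGN_HIGHLIGHT = re.compile(r'^[\w\s+\-]*$')

WORM_FILE_NAME = "m1ho2of"  # file name taken from the advisory text
FIXED_VERSION = "2.0.11"    # fixed release named in the advisory


def classify_highlight(value):
    """Return a reason string if a once-decoded highlight value looks
    suspicious, or None if it looks like an ordinary search term."""
    decoded_again = unquote(value)
    if decoded_again != value:
        # A second decode changed the value, so it arrived double-encoded;
        # that is exactly the decoding gap the advisory describes.
        return "double-encoded highlight (still contains %XX after one decode)"
    if not BENIGN_HIGHLIGHT.match(value):
        return "highlight contains characters unexpected in a search term"
    return None


def scan_log(lines):
    """Return (client ip, request target, reason) for each viewtopic.php
    request whose highlight parameter trips classify_highlight()."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not in the assumed format; skip rather than guess
        parts = urlsplit(m.group("target"))
        if not parts.path.endswith("viewtopic.php"):
            continue
        # parse_qs performs one URL-decode, mirroring a single urldecode().
        query = parse_qs(parts.query, keep_blank_values=True)
        for value in query.get("highlight", []):
            reason = classify_highlight(value)
            if reason:
                findings.append((m.group("ip"), m.group("target"), reason))
    return findings


def suspicious_files(paths):
    """Return the paths whose file name matches the worm's drop file."""
    return [p for p in paths if os.path.basename(p) == WORM_FILE_NAME]


def needs_upgrade(version, fixed=FIXED_VERSION):
    """True if a dotted version string is older than the fixed release."""
    as_tuple = lambda v: tuple(int(x) for x in v.split("."))
    return as_tuple(version) < as_tuple(fixed)


# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    '203.0.113.5 - - [21/Dec/2004:10:00:01 +0000] "GET /phpBB2/viewtopic.php?t=12&highlight=phpbb+upgrade HTTP/1.0" 200 5120 "-" "Mozilla/4.0"',
    '203.0.113.9 - - [21/Dec/2004:10:00:02 +0000] "GET /phpBB2/viewtopic.php?t=12&highlight=%2541 HTTP/1.0" 200 5120 "-" "Mozilla/4.0"',
    '203.0.113.7 - - [21/Dec/2004:10:00:03 +0000] "GET /phpBB2/index.php HTTP/1.0" 200 2048 "-" "Mozilla/4.0"',
    '203.0.113.8 - - [21/Dec/2004:10:00:04 +0000] "GET /phpBB2/viewtopic.php?t=13&highlight=a%3Cb HTTP/1.0" 200 5120 "-" "Mozilla/4.0"',
]

if __name__ == "__main__":
    for ip, target, reason in scan_log(SAMPLE_LOG):
        print(f"{ip} {target}: {reason}")
    print("2.0.6 needs upgrade:", needs_upgrade("2.0.6"))
    print(suspicious_files(["/var/www/phpBB2/m1ho2of", "/var/www/phpBB2/index.php"]))
```

The scanner deliberately decodes only once and then asks whether a further decode would change the value; that mirrors the advisory's framing (a single urldecode() that phpBB failed to apply) without needing any knowledge of a specific payload. Treat hits as triage leads, not proof of compromise, and pair them with the version check: any board still at or below 2.0.10 should be upgraded regardless of what the logs show.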
