Acmlm's Board - I2 Archive - General Chat - NeverEverNoSanity | | | |
User | Post | ||
Tarale I'm not under the alfluence of incohol like some thinkle peop I am. It's just the drunker I sit here the longer I get. Level: 73 Posts: 1018/2720 EXP: 3458036 For next: 27832 Since: 03-18-04 From: Adelaide, Australia Since last post: 4 hours Last activity: 2 hours |
| ||
Very very interesting. (I like worms. They piss me off but fascinate me at the same time). Current information at F-Secure. The worm isn't spreading anymore, courtesy of Google. Quite an interesting worm. Edit: Aw nuts, it didn't kill my "baleeeted" forum. Oh well, maybe next phpbb attacking worm will.... (edited by Tarale on 12-22-04 07:15 AM) |
|||
Colleen Administrator Level: 136 Posts: 5870/11302 EXP: 29369328 For next: 727587 Since: 03-15-04 From: LaSalle, Quebec, Canada Since last post: 3 hours Last activity: 1 hour |
| ||
It's baaaaaaaack... (copy/paste from Yahoo via PC World)

The latest version of the Santy worm poses an elevated risk to many Web sites built using the PHP scripting language, security experts warn. Protecting those sites may involve individually recoding them, those security experts say.

Early versions of the Santy worm exploited a specific bug in a bulletin-board software package called phpBB, and their attacks could be prevented by applying a patch to the software. However, the security flaw exploited by newer versions of the worm such as Santy.C or Santy.E is more general, and can occur anywhere a site designer has left the door open for the inclusion of arbitrary files into PHP scripts, experts at K-OTik Security in Montpellier, France, warn.

Santy.C and Santy.E behave so differently from Santy.A that K-OTik is renaming the worm PhpInclude.Worm in its advisories, the company says.

The worm doesn't exploit the vulnerabilities in phpBB targeted by its predecessor, instead aiming for a wider range of common programming errors in PHP Web pages. It uses search engines including Google, Yahoo, and AOL to identify exploitable Web pages written in PHP which use the functions "include()" and "require()" in an insecure manner, K-OTik says.

These functions can be used to embed the contents of a file within a Web page. If the site designer used them without sufficient checking of the parameters passed to the function, then an attacker could exploit them to incorporate an arbitrary file in the Web page, rather than the limited range presumably intended by the site designer. From there, depending on the configuration of the Web server, the attacker could move on to take control of the entire machine, K-OTik warns.

To prevent these attacks, it may be necessary to recode the site to use the include() and require() functions in a safe manner. |
|||
Tarale I'm not under the alfluence of incohol like some thinkle peop I am. It's just the drunker I sit here the longer I get. Level: 73 Posts: 1044/2720 EXP: 3458036 For next: 27832 Since: 03-18-04 From: Adelaide, Australia Since last post: 4 hours Last activity: 2 hours |
| ||
Yeah, I've been following it on F-Secure's Blog since Boxing Day (but haven't been able to post really cause I had last post...). To quote:
Damn you Brazilian hackers. (edited by Tarale on 12-28-04 03:37 AM) |
|||
Colleen Administrator Level: 136 Posts: 5881/11302 EXP: 29369328 For next: 727587 Since: 03-15-04 From: LaSalle, Quebec, Canada Since last post: 3 hours Last activity: 1 hour |
| ||
I know two sites in Quebec which were nailed with it yesterday. Not fun at all. Again, the sites didn't seem to be damaged data-wise but there's potential I fear. |
|||
HyperLamer <||bass> and this was the soloution i thought of that was guarinteed to piss off the greatest amount of people Sesshomaru Tamaranian Level: 118 Posts: 2715/8210 EXP: 18171887 For next: 211027 Since: 03-15-04 From: Canada, w00t! LOL FAD Since last post: 2 hours Last activity: 2 hours |
| ||
What counts as an insecure manner? The only place my site uses those is to include a header file, but one can't be too careful. | |||
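An added example (not part of any post in this thread, and not code from phpBB or from the sites mentioned) of what the quoted article means by passing insufficiently checked parameters to include(), next to an allowlist-based form. The `page` parameter, the page names and the file names are hypothetical, and the demo inputs are constructed.

```php
<?php
// Added example. Page names, file names and the "page" parameter are hypothetical.

// Insecure pattern: request data reaches include() unchecked, so the
// requester, not the site author, decides which file is pulled in.
//
//     include($_GET['page'] . '.php');
//
// A fixed include such as  include __DIR__ . '/header.php';  takes no request
// data in its path and is not this pattern.

// Safer pattern: the request value only selects a key in a fixed allowlist.
const PAGES = ['home' => 'home.php', 'about' => 'about.php'];

function resolve_page($requested, string $baseDir): ?string
{
    // Reject non-strings (?page[]=x) and any name the author did not list.
    if (!is_string($requested) || !array_key_exists($requested, PAGES)) {
        return null;
    }
    $base = realpath($baseDir);
    $path = realpath($baseDir . DIRECTORY_SEPARATOR . PAGES[$requested]);
    // Defence in depth: the file must exist and resolve to inside $baseDir.
    if ($base === false || $path === false
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

// Constructed demo: build a throwaway pages directory and try a few inputs.
$dir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'pages_demo_' . getmypid();
if (!is_dir($dir)) { mkdir($dir); }
foreach (PAGES as $file) {
    file_put_contents($dir . DIRECTORY_SEPARATOR . $file, "<p>$file</p>\n");
}

$inputs = ['home', 'about', 'admin', '../config', 'http://example.invalid/x', ['home']];
foreach ($inputs as $in) {
    $target = resolve_page($in, $dir);
    $label = json_encode($in, JSON_UNESCAPED_SLASHES);
    printf("%-28s => %s\n", $label, $target === null ? 'rejected (404)' : 'include ' . basename($target));
}

// Clean up the demo files.
array_map('unlink', glob($dir . DIRECTORY_SEPARATOR . '*.php'));
rmdir($dir);
```

In a real page the caller would send a 404 when `resolve_page()` returns null and otherwise `include` the returned path.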
Tarale I'm not under the alfluence of incohol like some thinkle peop I am. It's just the drunker I sit here the longer I get. Level: 73 Posts: 1082/2720 EXP: 3458036 For next: 27832 Since: 03-18-04 From: Adelaide, Australia Since last post: 4 hours Last activity: 2 hours |
| ||
Another one...
|