SV650.org - SV650 & Gladius 650 Forum

SV650.org - SV650 & Gladius 650 Forum (http://forums.sv650.org/index.php)
-   Idle Banter (http://forums.sv650.org/forumdisplay.php?f=116)
-   -   Geeky Thread: phpBB 3.x vulnerabilities (http://forums.sv650.org/showthread.php?t=110239)

Baph 13-05-08 04:55 PM
Geeky Thread: phpBB 3.x vulnerabilities
 
This does not apply to the .org as we don't use phpBB here.

I've just heard that there are a couple of vulnerabilities for phpBB 3.x out at the moment.

These vulnerabilities involve the membership lists, and PM attachments. My advice to anyone running a phpBB 3.x based forum to disable membership lists, and attachments to PM's.

These vulnerabilites (from my quick look) are being listed as low priority. However, they are actually being used as a stepping stone. Comprimise the server running phpBB for use later. It appears from the network graphs I've seen that these comprimised servers will be used for some form of DDoS once they've reached critical mass.

So any admins out there, keep an even closer eye on your phpBB installations...


All times are GMT. The time now is 08:54 PM.

Powered by vBulletin® - Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.