http://www.phpbb.com/phpBB/viewtopic.php?t=240636
http://www.securiteam.com/unixfocus/6J00O15BPS.html
There is a serious flaw with the viewtopic.php and the encoding of the highlight feature (as well as a few other problems).
I just got done cleaning up this mess on a server that wasn't being properly updated. Please let everyone you know to make sure your phpBB system is up to date.
The box I cleaned up was compromised with a UTF-8 encoding flaw that ultimately allowed the server to DOS attack another party.
Please please please let everyone you know who is using a phpBB to either patch the appropriate files or update their bulletin board.
Thank you,
Wobb
Warning to hosts using phpBB
Return to “General Discussion Archive”
Who is online
Users browsing this forum: No registered users and 44 guests