Monday, December 27, 2004

Santy Worm is Boosting

Perl.Santy is a worm written in Perl that attempts to spread to Web servers running versions of the phpBB 2.x bulletin board software prior to 2.0.11, which are vulnerable to the PHPBB Remote URLDecode Input Validation Vulnerability. Although it was originally found to affect only versions below phpBB 2.0.11, it has for some reason been updated to affect 2.0.11 as well. The first version used the Google search engine to find its next target; it has since been enhanced to use AOL and Yahoo as well. There are now three variants: Santy, Santy.b and Santy.C. You may also find the Santy.b source code.

For those who run a phpBB discussion board, it is recommended to upgrade to phpBB 2.0.11 or newer (if there is any), and also to upgrade to PHP 4.3.10 or 5.0.3, which fix many vulnerabilities found in PHP 4.3.9 and 5.0.2. You can get them at PHP's Official Website.
