Jump to content

Phpbb


TCH-Andy
 Share

Recommended Posts

A number of vulnerabilities have been found in phpBB versions 2.0.x.

 

These vulnerabilities are being attacked by a worm that exploits a bug in phpBB versions 2.0.10 and earlier.

 

This is the first of a new kind of threat that automatically exploits a web application. The worm uses Google to search for phpBB boards, infects them, and then continues to spread from there. Infected sites show a red text "NeverEverNoSanity WebWorm Generation" (followed by a number) on a black background.

 

All users should download version 2.0.11 from latest phpBB version and update your sites immediately. If you installed it via our cpanel, you can upgrade in cpanel to the latest version.

Link to comment
Share on other sites

Yes, 2.0.11 from cpanel is fine.

 

We are aiming to check all versions of phpBB running on our servers, and send out an email tonight and tomorrow night to all people running old versions of phpBB.

 

If people do not update their forums within 48 hours, we aim to disable the forum (and only the forum, not the whole account) on their account, both to protect their accounts from being exploited and also to protect others on the servers from load issues which can be associated with these exploits.

 

 

As a reminder - this is another good reason to ensure your cpanel contact details are uptodate - for situations where we want to contact you quickly and easily.

Link to comment
Share on other sites

Ok I am running Invision Board......this is from my admin page:

 

PHP VERSION: 4.3.10, MySQL VERSION: 4.0.22-standard

 

I received the email tonight and I am not aware I loaded phpBB unless it's the same as Invision Board?

 

Thanks!

Donna

 

If by chance I did load it in the beginning to check it out how would I find it on my site index....cause I will just delete it.

 

:tchrocks:

Link to comment
Share on other sites

I received the email also. Several weeks ago there was an alert about phpbb stating we should upgrade. Not wanting to lose all my mods I did a Changed Files Only to update all the vulnerable files to v2.0.11. Does this mean I'm now going to have to do a full update?

Link to comment
Share on other sites

I just received an e-mail from TCH Support warning me about an exploit in phpBB which I already knew about asking me to upgrade my forum within 24 hours or it will be disabled. I'm already using phpBB 2.0.11 which is the latest release so I just wanted to make that clear before someone from TCH disables my board. Perhaps I should submit a support ticket letting them know?

Link to comment
Share on other sites

The biggest issue we are facing right now is this.

 

As many of you know there was a worm released that attacked the phpbb forums. When the worm was in the wild it would attempt sql injections. This took advantage of some bad code in PHP. We upgraded PHP instantly and pushed out a fix for all the boards.

 

However, now we are seeing the worm still attacking sites. Although the exploit isn't working the worm is still attacking sites thru Google searches.

 

We simply are pleading with clients to upgrade their phpbb installations. We have been taking action on a case by case basis, however it has become so widespread that we need to take this action.

 

I can not give you details on each and every one of your installs, I am sorry. I can only tell you that we are trying our best to deal with this.

 

My first suggestion to everyone would be a migration to a new forum system. We are using 'IPB' on the TotalChoice Hosting forums and have been very pleased with its performance.

 

As many of you might be aware, the phpbb web site was completely defaced and their server hacked. Whilst this may not be directly due to phpbb, in fact they have claimed it was to do with Awstats (we have already upgraded) it would behoove me to continue to support their software. This of course is just my personal view.

 

Please understand that phpbb is 3rd party software and we have no control over it. It is has come to a point where we must take some sort of action on this issue.

 

Bill

Link to comment
Share on other sites

The biggest issue we are facing right now is this.

 

As many of you know there was a worm released that attacked the phpbb forums. When the worm was in the wild it would attempt sql injections. This took advantage of some bad code in PHP. We upgraded PHP instantly and pushed out a fix for all the boards.

 

However, now we are seeing the worm still attacking sites. Although the exploit isn't working the worm is still attacking sites thru Google searches.

 

We simply are pleading with clients to upgrade their phpbb installations. We have been taking action on a case by case basis, however it has become so widespread that we need to take this action.

 

I can not give you details on each and every one of your installs, I am sorry. I can only tell you that we are trying our best to deal with this.

 

My first suggestion to everyone would be a migration to a new forum system. We are using 'IPB' on the TotalChoice Hosting forums and have been very pleased with its performance.

 

As many of you might be aware, the phpbb web site was completely defaced and their server hacked. Whilst this may not be directly due to phpbb, in fact they have claimed it was to do with Awstats (we have already upgraded) it would behoove me to continue to support their software. This of course is just my personal view.

 

Please understand that phpbb is 3rd party software and we have no control over it. It is has come to a point where we must take some sort of action on this issue.

 

I understand but I am using IPB how do I check to see if I inavertnaly loaded phpBB?

 

Thanks Donna

Link to comment
Share on other sites

I received the email this evening. Since I did a lot of customizing to the code, I would like to replace just the supporting files that are at issue.

 

Can someone provide more explanation other than just "there is a problem" ?

 

Thanks.

Link to comment
Share on other sites

I hope you guys continue to support the phpBB software because I've been using it for awhile and prefer it over IPB or vBulletin, etc. Just for the record it's not just phpBB but all these forum softwares are liable to have vulnerabilities and just because phpBB is open source some people are claiming that's the reason for the exploit but I don't believe that to be true.

Link to comment
Share on other sites

If your not actively using phpbb you should delete the dB and the folder for it.

 

We actaully found a phpbb install on the TotalChoice Hosting main server that we had used for testing. We simply deleted the dB and the folder for it.

 

Technically we never really did support phpbb. It was simply a add-on script offered by cPanel.

 

Bill

Link to comment
Share on other sites

If your not actively using phpbb you should delete the dB and the folder for it.

 

We actaully found a phpbb install on the TotalChoice Hosting main server that we had used for testing.  We simply deleted the dB and the folder for it.

 

Technically we never really did support phpbb.  It was simply a add-on script offered by cPanel. 

 

Bill

 

Ok I had a blonde moment :tchrocks: I found a phpbb I set up for my family but they never used it and forgot about it.....I deleted it and the Chat thingy so hope that takes care of this.

Link to comment
Share on other sites

Here's a (possibly) tricky one...

 

I'm running a site with a Postnuke module/modded version of phpBB. (PNphpBB2)

It is the latest version of PNphpBB2, but the phpbb isn't - it's 2.0.10

 

A few months ago the folks at PNphpBB gave everyone a heads up about the other security risk (which I updated the forum with) but today I went to their website to see what the word was and...

http://www.pnphpbb.com/

 

*gulp*

 

So for the moment I've taken the forum on the site offline until I can investigate and too see if I can install a patch or an update from phpBB.

But after recieving the warning email - my fear is that you chaps will come along and disable the forum, which is intergrated into Postnuke - and which may therefore disable the entire site.

So just a request to your peeps over there - be careful out there. Watch where you put those size nines. :clapping:

Link to comment
Share on other sites

whoahorse,

 

try checking the config.php file that's in your phpBB root folder to see which database your forum is using then go and delete the others that aren't in use.

 

To upgrade you can try doing that from cPanel if you originally installed your board from there or you can download the software and run the upgrade.php file from the archive and it should upgrade.

Link to comment
Share on other sites

 

I take it that's a no..

 

Do you have any back-ups? If not submit that ticket.

 

I do all install, upgrades, modifications myself that way if something does happen to go wrong I will know what it is and will be able to fix it.

 

Back-ups are intregal and should be done daily. You can do it from the Admin panel.

Link to comment
Share on other sites

Back-ups are intregal and should be done daily. You can do it from the Admin panel.

 

I keep all my HTML on my hard drive at home and work and I have all my website HTML on Disks. I never back up the forum thou. I think I read somewhere TCH does regular back ups thou?

 

Weezy

Link to comment
Share on other sites

I got an e-mail that says I need to update my PHP forum.  I installed it through Cpanel, but now I can't figure out how to upgrade it from Cpanel.  Can someone please help me navigate?

 

Go to the same option you did when you installed it through cPanel you should see an upgrade option. Usually within cPanel there is an option that sayd "Bulletin Board" choose that.

Link to comment
Share on other sites

I just realized something whoahorse. I just checked your forum and you are running IPB not phpBB what did you try to upgrade? That could be what caused your problem.

 

Oh LOL! Thanks! I don't use the format you are talking about. It's good I upgraded thou, that forum was corrupt!

 

Weezy

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...