TCH-Andy Posted February 11, 2005
A number of vulnerabilities have been found in phpBB versions 2.0.x. These vulnerabilities are being attacked by a worm that exploits a bug in phpBB versions 2.0.10 and earlier. This is the first of a new kind of threat that automatically exploits a web application. The worm uses Google to search for phpBB boards, infects them, and then continues to spread from there. Infected sites show a red text "NeverEverNoSanity WebWorm Generation" (followed by a number) on a black background.
All users should download version 2.0.11 from latest phpBB version and update your sites immediately. If you installed it via our cpanel, you can upgrade in cpanel to the latest version.

TCH-Bruce Posted February 11, 2005
This may be a new threat and TCH-MikeJ posted other vulnerabilities in this thread back in November. http://www.totalchoicehosting.com/forums/i...showtopic=14581

OldTimer Posted February 11, 2005
Is it safe to assume that the link on cpanel is the latest version? Bottom of my (work in progress) board says - Powered by phpBB 2.0.11 © phpBB Group
Better safe than sorry
Greg

TCH-Andy Posted February 11, 2005
Yes, 2.0.11 from cpanel is fine.
We are aiming to check all versions of phpBB running on our servers, and send out an email tonight and tomorrow night to all people running old versions of phpBB. If people do not update their forums within 48 hours, we aim to disable the forum (and only the forum, not the whole account) on their account, both to protect their accounts from being exploited and also to protect others on the servers from load issues which can be associated with these exploits.
As a reminder - this is another good reason to ensure your cpanel contact details are up to date - for situations where we want to contact you quickly and easily.

OldTimer Posted February 11, 2005
Thanks Andy. Just wanted to be sure.
Greg

natimage Posted February 11, 2005
I got an email regarding this....but I'm not aware of having phpBB installed on any of my sites. Maybe I should submit a help desk ticket to find out for sure???

TroutSlayer Posted February 11, 2005
I received the "upgrade phpbb" email this afternoon too. However, I upgraded to ver. 2.0.11 on Monday when the other "action required" blog software email came out. Was this phpbb email another mass email to all accounts, or is TCH showing my phpbb being outdated? Thanks!

TCH-Andy Posted February 11, 2005
What has happened in some cases is people have installed phpBB, then just removed the files, but left the database. In our checks, we have got the version number from the database. However, if in doubt, please open a help desk ticket.

whoahorse Posted February 11, 2005
For the blonde people.. any step by step instructions of how to do this??
Weezy

Dumplin Posted February 11, 2005
Ok I am running Invision Board......this is from my admin page: PHP VERSION: 4.3.10, MySQL VERSION: 4.0.22-standard
I received the email tonight and I am not aware I loaded phpBB unless it's the same as Invision Board? Thanks!
Donna
If by chance I did load it in the beginning to check it out how would I find it on my site index....cause I will just delete it.

curtis Posted February 11, 2005
I received the email also. Several weeks ago there was an alert about phpbb stating we should upgrade. Not wanting to lose all my mods I did a Changed Files Only to update all the vulnerable files to v2.0.11. Does this mean I'm now going to have to do a full update?

TCH-Rob Posted February 12, 2005
Weezy, Go to your cPanel and then the Manage Mysql. Look to see that there aren't any extra databases in there other than what you normally use.

Dark Posted February 12, 2005
I just received an e-mail from TCH Support warning me about an exploit in phpBB which I already knew about asking me to upgrade my forum within 24 hours or it will be disabled. I'm already using phpBB 2.0.11 which is the latest release so I just wanted to make that clear before someone from TCH disables my board. Perhaps I should submit a support ticket letting them know?

Dark Posted February 12, 2005
I got this e-mail just a few minutes ago and I'm already running phpBB 2.0.11. I don't want them to disable my board. They may have been mistaken because I edited one of the tpl files to remove the software version.

TCH-Rob Posted February 12, 2005
Please, and if you could would you mind checking to make sure that there aren't any other databases set up that you aren't using?

Head Guru Posted February 12, 2005
The biggest issue we are facing right now is this. As many of you know there was a worm released that attacked the phpbb forums. When the worm was in the wild it would attempt sql injections. This took advantage of some bad code in PHP. We upgraded PHP instantly and pushed out a fix for all the boards. However, now we are seeing the worm still attacking sites. Although the exploit isn't working the worm is still attacking sites thru Google searches.
We simply are pleading with clients to upgrade their phpbb installations. We have been taking action on a case by case basis, however it has become so widespread that we need to take this action. I can not give you details on each and every one of your installs, I am sorry. I can only tell you that we are trying our best to deal with this.
My first suggestion to everyone would be a migration to a new forum system. We are using 'IPB' on the TotalChoice Hosting forums and have been very pleased with its performance. As many of you might be aware, the phpbb web site was completely defaced and their server hacked. Whilst this may not be directly due to phpbb, in fact they have claimed it was to do with Awstats (we have already upgraded) it would behoove me to continue to support their software. This of course is just my personal view.
Please understand that phpbb is 3rd party software and we have no control over it. It has come to a point where we must take some sort of action on this issue.
Bill

Dumplin Posted February 12, 2005
> The biggest issue we are facing right now is this. As many of you know there was a worm released that attacked the phpbb forums. When the worm was in the wild it would attempt sql injections. This took advantage of some bad code in PHP. We upgraded PHP instantly and pushed out a fix for all the boards. However, now we are seeing the worm still attacking sites. Although the exploit isn't working the worm is still attacking sites thru Google searches.
> We simply are pleading with clients to upgrade their phpbb installations. We have been taking action on a case by case basis, however it has become so widespread that we need to take this action. I can not give you details on each and every one of your installs, I am sorry. I can only tell you that we are trying our best to deal with this.
> My first suggestion to everyone would be a migration to a new forum system. We are using 'IPB' on the TotalChoice Hosting forums and have been very pleased with its performance. As many of you might be aware, the phpbb web site was completely defaced and their server hacked. Whilst this may not be directly due to phpbb, in fact they have claimed it was to do with Awstats (we have already upgraded) it would behoove me to continue to support their software. This of course is just my personal view.
> Please understand that phpbb is 3rd party software and we have no control over it. It has come to a point where we must take some sort of action on this issue.
I understand but I am using IPB how do I check to see if I inadvertently loaded phpBB? Thanks
Donna

BrianB Posted February 12, 2005
I received the email this evening. Since I did a lot of customizing to the code, I would like to replace just the supporting files that are at issue. Can someone provide more explanation other than just "there is a problem"? Thanks.

Dark Posted February 12, 2005
I hope you guys continue to support the phpBB software because I've been using it for awhile and prefer it over IPB or vBulletin, etc. Just for the record it's not just phpBB but all these forum softwares are liable to have vulnerabilities and just because phpBB is open source some people are claiming that's the reason for the exploit but I don't believe that to be true.

Pamm Posted February 12, 2005
Ok, now I'm really confused. I got a notice about Phpbb, but the two boards on my site both use IPB. I did use Phpbb at first but decided I didn't like it. Help?

Head Guru Posted February 12, 2005
If you're not actively using phpbb you should delete the dB and the folder for it. We actually found a phpbb install on the TotalChoice Hosting main server that we had used for testing. We simply deleted the dB and the folder for it. Technically we never really did support phpbb. It was simply an add-on script offered by cPanel.
Bill

TCH-Bruce Posted February 12, 2005
Brian, please see this post. http://www.totalchoicehosting.com/forums/i...topic=17054&hl=

Pamm Posted February 12, 2005
Bill, thank you so much! Sorry for the panic attack, it's been a long, hard day for me and my brain is totally fried right now. I've deleted all the phpbb databases and should only have the two IPB's now.

Dumplin Posted February 12, 2005
> If you're not actively using phpbb you should delete the dB and the folder for it. We actually found a phpbb install on the TotalChoice Hosting main server that we had used for testing. We simply deleted the dB and the folder for it. Technically we never really did support phpbb. It was simply an add-on script offered by cPanel.
> Bill
Ok I had a blonde moment. I found a phpbb I set up for my family but they never used it and forgot about it.....I deleted it and the Chat thingy so hope that takes care of this.

Webbie Posted February 12, 2005
Here's a (possibly) tricky one... I'm running a site with a Postnuke module/modded version of phpBB. (PNphpBB2) It is the latest version of PNphpBB2, but the phpbb isn't - it's 2.0.10
A few months ago the folks at PNphpBB gave everyone a heads up about the other security risk (which I updated the forum with) but today I went to their website to see what the word was and... http://www.pnphpbb.com/ *gulp*
So for the moment I've taken the forum on the site offline until I can investigate and to see if I can install a patch or an update from phpBB. But after receiving the warning email - my fear is that you chaps will come along and disable the forum, which is integrated into Postnuke - and which may therefore disable the entire site.
So just a request to your peeps over there - be careful out there. Watch where you put those size nines.

whoahorse Posted February 12, 2005
> Please, and if you could would you mind checking to make sure that there aren't any other databases set up that you aren't using?
I do have an extra one, but I think it is from the other board I used to have. How do I know which one to delete?
Weezy

whoahorse Posted February 12, 2005
> Please, and if you could would you mind checking to make sure that there aren't any other databases set up that you aren't using?
Rob, in another account I have three databases and I think I only have one forum running from that one? What should I do?
Weezy

whoahorse Posted February 12, 2005
Is there a thread somewhere of how to upgrade our forums?
Weezy

Dark Posted February 12, 2005
whoahorse, try checking the config.php file that's in your phpBB root folder to see which database your forum is using then go and delete the others that aren't in use.
To upgrade you can try doing that from cPanel if you originally installed your board from there or you can download the software and run the upgrade.php file from the archive and it should upgrade.

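The check described in the post above (read each board's config.php to see which database it uses, then look at what is left over), as an added example that is not part of the original thread. It assumes the phpBB 2.0.x config.php layout (`$dbname`, `$table_prefix` and the `PHPBB_INSTALLED` define); the function names, directory names and database names are constructed, and the database list is whatever the account's MySQL page shows, typed in by hand.

```python
import os
import re
import tempfile

# Assumed phpBB 2.0.x config.php layout: plain assignments such as  $dbname = 'user_phpb1';
ASSIGN_RE = re.compile(r"""^\s*\$(dbname|table_prefix)\s*=\s*(['"])(.*?)\2\s*;""", re.M)

def parse_phpbb_config(text):
    """Return the dbname/table_prefix settings, or None if this is not a phpBB config."""
    if "PHPBB_INSTALLED" not in text:   # marker phpBB writes once installation completed
        return None
    found = {m.group(1): m.group(3) for m in ASSIGN_RE.finditer(text)}
    return found if "dbname" in found else None

def find_installs(web_root):
    """Walk web_root and return (directory, dbname, table_prefix) per phpBB install."""
    installs = []
    for dirpath, _dirs, files in os.walk(web_root):
        if "config.php" in files:
            with open(os.path.join(dirpath, "config.php"), encoding="latin-1") as fh:
                cfg = parse_phpbb_config(fh.read())
            if cfg:
                installs.append((dirpath, cfg["dbname"], cfg.get("table_prefix", "")))
    return sorted(installs)

def audit(web_root, databases):
    """Split the account's databases into those a phpBB install uses and the rest."""
    installs = find_installs(web_root)
    in_use = {db for _dir, db, _prefix in installs}
    # Unreferenced does not mean unused: another application (IPB, a blog) may own it.
    unreferenced = sorted(set(databases) - in_use)
    return installs, unreferenced

def demo():
    """Constructed sample: one live phpBB board, one non-phpBB config, three databases."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "forum"))
        os.makedirs(os.path.join(root, "blog"))
        with open(os.path.join(root, "forum", "config.php"), "w") as fh:
            fh.write("<?php\n$dbms = 'mysql4';\n$dbname = 'user_phpb1';\n"
                     "$table_prefix = 'phpbb_';\ndefine('PHPBB_INSTALLED', true);\n?>")
        with open(os.path.join(root, "blog", "config.php"), "w") as fh:
            fh.write("<?php\n$dbname = 'user_blog';\n?>")   # no phpBB marker: ignored
        installs, unreferenced = audit(root, ["user_phpb1", "user_phpb2", "user_blog"])
        return [(os.path.relpath(d, root), db, p) for d, db, p in installs], unreferenced

if __name__ == "__main__":
    print(demo())
```

A database in the unreferenced list is a candidate for review and a backup, not for immediate deletion; a leftover phpBB database whose files were removed shows up there alongside databases that belong to other software.
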
TCH-Bruce Posted February 12, 2005
> Is there a thread somewhere of how to upgrade our forums?
If you installed phpBB through cPanel there should be a one click option to upgrade to 2.0.11. If not then check the phpBB site, I'm sure they have instructions.

whoahorse Posted February 12, 2005
I did install it through cpanel.. where do I 'click' ???
weezy

Dark Posted February 12, 2005
> I did install it through cpanel.. where do I 'click' ???
> weezy
It should be under the "Bulletin Board" option in cPanel.

whoahorse Posted February 12, 2005
Well, I hit the "upgrade function" it said it was done successfully. Now this is my forum. http://www.whoahorse.com/forum
Weezy

TCH-Bruce Posted February 12, 2005
Open a support ticket with the help desk. I have used this feature and it worked fine.

Dark Posted February 12, 2005
I sure hope you made a back-up or perform daily back-ups because if you do then you should be able to fix it yourself in no time at all.

Dark Posted February 12, 2005
I take it that's a no.. Do you have any back-ups? If not submit that ticket. I do all install, upgrades, modifications myself that way if something does happen to go wrong I will know what it is and will be able to fix it. Back-ups are integral and should be done daily. You can do it from the Admin panel.

whoahorse Posted February 12, 2005
> Back-ups are integral and should be done daily. You can do it from the Admin panel.
I keep all my HTML on my hard drive at home and work and I have all my website HTML on Disks. I never back up the forum though. I think I read somewhere TCH does regular back ups though?
Weezy

whoahorse Posted February 12, 2005
Thanks to Abdul Hakeem my forum is working again! My forum was corrupt. But it's better now thanks to a TCH TECHIE! THANKS SO MUCH! I have one other to update.. wish me luck! LOL
Weezy

Dark Posted February 13, 2005
I just realized something whoahorse. I just checked your forum and you are running IPB not phpBB. What did you try to upgrade? That could be what caused your problem.

Head Guru Posted February 13, 2005
> Thanks to Abdul Hakeem my forum is working again! My forum was corrupt. But it's better now thanks to a TCH TECHIE! THANKS SO MUCH! I have one other to update.. wish me luck! LOL
> Weezy
Abdul rocks

TCH-Don Posted February 13, 2005
weezy, in your cpanel look for backup; there you will see, under download a database, the names of all your databases. Click on each to save a compressed backup of the database. Later if need be you can upload them on the same cpanel page.

TwelveMotion Posted February 13, 2005
I got an e-mail that says I need to update my PHP forum. I installed it through Cpanel, but now I can't figure out how to upgrade it from Cpanel. Can someone please help me navigate?

Dark Posted February 13, 2005
> I got an e-mail that says I need to update my PHP forum. I installed it through Cpanel, but now I can't figure out how to upgrade it from Cpanel. Can someone please help me navigate?
Go to the same option you did when you installed it through cPanel; you should see an upgrade option. Usually within cPanel there is an option that says "Bulletin Board"; choose that.

whoahorse Posted February 14, 2005
> I just realized something whoahorse. I just checked your forum and you are running IPB not phpBB. What did you try to upgrade? That could be what caused your problem.
Oh LOL! Thanks! I don't use the format you are talking about. It's good I upgraded though, that forum was corrupt!
Weezy

whoahorse Posted February 14, 2005
> Abdul rocks
I think all the techies and help staff are amazing!
Weezy