Phpbb


A number of vulnerabilities have been found in phpBB versions 2.0.x.

 

These vulnerabilities are being attacked by a worm that exploits a bug in phpBB versions 2.0.10 and earlier.

 

This is the first of a new kind of threat that automatically exploits a web application. The worm uses Google to search for phpBB boards, infects them, and then continues to spread from there. Infected sites show a red text "NeverEverNoSanity WebWorm Generation" (followed by a number) on a black background.

 

All users should download version 2.0.11 from latest phpBB version and update your sites immediately. If you installed it via our cpanel, you can upgrade in cpanel to the latest version.

Link to comment
Share on other sites

Yes, 2.0.11 from cpanel is fine.

 

We are aiming to check all versions of phpBB running on our servers, and send out an email tonight and tomorrow night to all people running old versions of phpBB.

 

If people do not update their forums within 48 hours, we aim to disable the forum (and only the forum, not the whole account) on their account, both to protect their accounts from being exploited and also to protect others on the servers from load issues which can be associated with these exploits.

 

 

As a reminder - this is another good reason to ensure your cpanel contact details are up to date - for situations where we want to contact you quickly and easily.

Link to comment
Share on other sites

Ok I am running Invision Board......this is from my admin page:

 

PHP VERSION: 4.3.10, MySQL VERSION: 4.0.22-standard

 

I received the email tonight and I am not aware I loaded phpBB unless it's the same as Invision Board?

 

Thanks!

Donna

 

If by chance I did load it in the beginning to check it out how would I find it on my site index....cause I will just delete it.

 

:tchrocks:

Link to comment
Share on other sites

I received the email also. Several weeks ago there was an alert about phpbb stating we should upgrade. Not wanting to lose all my mods I did a Changed Files Only to update all the vulnerable files to v2.0.11. Does this mean I'm now going to have to do a full update?

Link to comment
Share on other sites

I just received an e-mail from TCH Support warning me about an exploit in phpBB which I already knew about asking me to upgrade my forum within 24 hours or it will be disabled. I'm already using phpBB 2.0.11 which is the latest release so I just wanted to make that clear before someone from TCH disables my board. Perhaps I should submit a support ticket letting them know?

Link to comment
Share on other sites

The biggest issue we are facing right now is this.

 

As many of you know there was a worm released that attacked the phpbb forums. When the worm was in the wild it would attempt sql injections. This took advantage of some bad code in PHP. We upgraded PHP instantly and pushed out a fix for all the boards.

 

However, now we are seeing the worm still attacking sites. Although the exploit isn't working the worm is still attacking sites thru Google searches.

 

We simply are pleading with clients to upgrade their phpbb installations. We have been taking action on a case by case basis, however it has become so widespread that we need to take this action.

 

I can not give you details on each and every one of your installs, I am sorry. I can only tell you that we are trying our best to deal with this.

 

My first suggestion to everyone would be a migration to a new forum system. We are using 'IPB' on the TotalChoice Hosting forums and have been very pleased with its performance.

 

As many of you might be aware, the phpbb web site was completely defaced and their server hacked. Whilst this may not be directly due to phpbb, in fact they have claimed it was to do with Awstats (we have already upgraded) it would behoove me to continue to support their software. This of course is just my personal view.

 

Please understand that phpbb is 3rd party software and we have no control over it. It has come to a point where we must take some sort of action on this issue.

 

Bill

Link to comment
Share on other sites


I understand, but I am using IPB. How do I check to see if I inadvertently loaded phpBB?

 

Thanks Donna

Link to comment
Share on other sites

I received the email this evening. Since I did a lot of customizing to the code, I would like to replace just the supporting files that are at issue.

 

Can someone provide more explanation other than just "there is a problem" ?

 

Thanks.

Link to comment
Share on other sites

I hope you guys continue to support the phpBB software because I've been using it for awhile and prefer it over IPB or vBulletin, etc. Just for the record it's not just phpBB but all these forum softwares are liable to have vulnerabilities and just because phpBB is open source some people are claiming that's the reason for the exploit but I don't believe that to be true.

Link to comment
Share on other sites

If you're not actively using phpbb you should delete the dB and the folder for it.

 

We actually found a phpbb install on the TotalChoice Hosting main server that we had used for testing. We simply deleted the dB and the folder for it.

 

Technically we never really did support phpbb. It was simply an add-on script offered by cPanel.

 

Bill

Link to comment
Share on other sites


Ok I had a blonde moment :tchrocks: I found a phpbb I set up for my family but they never used it and forgot about it.....I deleted it and the Chat thingy so hope that takes care of this.

Link to comment
Share on other sites

Here's a (possibly) tricky one...

 

I'm running a site with a Postnuke module/modded version of phpBB. (PNphpBB2)

It is the latest version of PNphpBB2, but the phpbb isn't - it's 2.0.10

 

A few months ago the folks at PNphpBB gave everyone a heads up about the other security risk (which I updated the forum with) but today I went to their website to see what the word was and...

http://www.pnphpbb.com/

 

*gulp*

 

So for the moment I've taken the forum on the site offline until I can investigate and to see if I can install a patch or an update from phpBB.

But after receiving the warning email - my fear is that you chaps will come along and disable the forum, which is integrated into Postnuke - and which may therefore disable the entire site.

So just a request to your peeps over there - be careful out there. Watch where you put those size nines. :clapping:

Link to comment
Share on other sites

whoahorse,

 

try checking the config.php file that's in your phpBB root folder to see which database your forum is using then go and delete the others that aren't in use.

 

To upgrade you can try doing that from cPanel if you originally installed your board from there or you can download the software and run the upgrade.php file from the archive and it should upgrade.

Link to comment
Share on other sites

 

I take it that's a no..

 

Do you have any back-ups? If not submit that ticket.

 

I do all installs, upgrades, modifications myself; that way if something does happen to go wrong I will know what it is and will be able to fix it.

 

Back-ups are integral and should be done daily. You can do it from the Admin panel.

Link to comment
Share on other sites


I keep all my HTML on my hard drive at home and work and I have all my website HTML on disks. I never back up the forum though. I think I read somewhere TCH does regular back-ups though?

 

Weezy

Link to comment
Share on other sites

I got an e-mail that says I need to update my PHP forum.  I installed it through Cpanel, but now I can't figure out how to upgrade it from Cpanel.  Can someone please help me navigate?

 

Go to the same option you did when you installed it through cPanel; you should see an upgrade option. Usually within cPanel there is an option that says "Bulletin Board"; choose that.

Link to comment
Share on other sites

I just realized something whoahorse. I just checked your forum and you are running IPB not phpBB what did you try to upgrade? That could be what caused your problem.

 

Oh LOL! Thanks! I don't use the format you are talking about. It's good I upgraded though, that forum was corrupt!

 

Weezy

Link to comment
Share on other sites
