A number of vulnerabilities have been found in phpBB versions 2.0.x.

 

These vulnerabilities are being attacked by a worm that exploits a bug in phpBB versions 2.0.10 and earlier.

 

This is the first of a new kind of threat that automatically exploits a web application. The worm uses Google to search for phpBB boards, infects them, and then continues to spread from there. Infected sites show a red text "NeverEverNoSanity WebWorm Generation" (followed by a number) on a black background.

 

All users should download version 2.0.11 from latest phpBB version and update your sites immediately. If you installed it via our cpanel, you can upgrade in cpanel to the latest version.


Is it safe to assume that the link on cpanel is the latest version?

Bottom of my (work in progress) board says - Powered by phpBB 2.0.11 © phpBB Group

 

Better safe than sorry ;)

 

Greg


Yes, 2.0.11 from cpanel is fine.

 

We are aiming to check all versions of phpBB running on our servers, and send out an email tonight and tomorrow night to all people running old versions of phpBB.

 

If people do not update their forums within 48 hours, we aim to disable the forum (and only the forum, not the whole account) on their account, both to protect their accounts from being exploited and also to protect others on the servers from load issues which can be associated with these exploits.

 

 

As a reminder - this is another good reason to ensure your cpanel contact details are up to date - for situations where we want to contact you quickly and easily.


I got an email regarding this....but I'm not aware of having phpBB installed on any of my sites. Maybe I should submit a help desk ticket to find out for sure???


I received the "upgrade phpbb" email this afternoon too. However, I upgraded to ver. 2.0.11 on Monday when the other "action required" blog software email came out.

 

Was this phpbb email another mass email to all accounts, or is TCH showing my phpbb being outdated?

 

Thanks!


What has happened in some cases is people have installed phpBB, then just removed the files, but left the database. In our checks, we have got the version number from the database.

 

However, if in doubt, please open a help desk ticket ;)


For the blonde people.. any step by step instructions of how to do this??

 

:tchrocks:

 

Weezy


Ok I am running Invision Board......this is from my admin page:

 

PHP VERSION: 4.3.10, MySQL VERSION: 4.0.22-standard

 

I received the email tonight and I am not aware I loaded phpBB unless it's the same as Invision Board?

 

Thanks!

Donna

 

If by chance I did load it in the beginning to check it out how would I find it on my site index....cause I will just delete it.

 

:tchrocks:


I received the email also. Several weeks ago there was an alert about phpbb stating we should upgrade. Not wanting to lose all my mods I did a Changed Files Only to update all the vulnerable files to v2.0.11. Does this mean I'm now going to have to do a full update?


Weezy,

 

Go to your cPanel and then the Manage Mysql. Look to see that there aren't any extra databases in there other than what you normally use.


I just received an e-mail from TCH Support warning me about an exploit in phpBB which I already knew about asking me to upgrade my forum within 24 hours or it will be disabled. I'm already using phpBB 2.0.11 which is the latest release so I just wanted to make that clear before someone from TCH disables my board. Perhaps I should submit a support ticket letting them know?


I got this e-mail just a few minutes ago and I'm already running phpBB 2.0.11. I don't want them to disable my board. They may have been mistaken because I edited one of the tpl files to remove the software version.


Please, and if you could would you mind checking to make sure that there aren't any other databases set up that you aren't using?


The biggest issue we are facing right now is this.

 

As many of you know there was a worm released that attacked the phpbb forums. When the worm was in the wild it would attempt sql injections. This took advantage of some bad code in PHP. We upgraded PHP instantly and pushed out a fix for all the boards.

 

However, now we are seeing the worm still attacking sites. Although the exploit isn't working the worm is still attacking sites thru Google searches.

 

We simply are pleading with clients to upgrade their phpbb installations. We have been taking action on a case by case basis, however it has become so widespread that we need to take this action.

 

I can not give you details on each and every one of your installs, I am sorry. I can only tell you that we are trying our best to deal with this.

 

My first suggestion to everyone would be a migration to a new forum system. We are using 'IPB' on the TotalChoice Hosting forums and have been very pleased with its performance.

 

As many of you might be aware, the phpbb web site was completely defaced and their server hacked. Whilst this may not be directly due to phpbb, in fact they have claimed it was to do with Awstats (we have already upgraded) it would behoove me to continue to support their software. This of course is just my personal view.

 

Please understand that phpbb is 3rd party software and we have no control over it. It has come to a point where we must take some sort of action on this issue.

 

Bill

The biggest issue we are facing right now is this.

 

As many of you know there was a worm released that attacked the phpbb forums. When the worm was in the wild it would attempt sql injections. This took advantage of some bad code in PHP. We upgraded PHP instantly and pushed out a fix for all the boards.

 

However, now we are seeing the worm still attacking sites. Although the exploit isn't working the worm is still attacking sites thru Google searches.

 

We simply are pleading with clients to upgrade their phpbb installations. We have been taking action on a case by case basis, however it has become so widespread that we need to take this action.

 

I can not give you details on each and every one of your installs, I am sorry. I can only tell you that we are trying our best to deal with this.

 

My first suggestion to everyone would be a migration to a new forum system. We are using 'IPB' on the TotalChoice Hosting forums and have been very pleased with its performance.

 

As many of you might be aware, the phpbb web site was completely defaced and their server hacked. Whilst this may not be directly due to phpbb, in fact they have claimed it was to do with Awstats (we have already upgraded) it would behoove me to continue to support their software. This of course is just my personal view.

 

Please understand that phpbb is 3rd party software and we have no control over it. It has come to a point where we must take some sort of action on this issue.

 

I understand but I am using IPB how do I check to see if I inadvertently loaded phpBB?

 

Thanks Donna


I received the email this evening. Since I did a lot of customizing to the code, I would like to replace just the supporting files that are at issue.

 

Can someone provide more explanation other than just "there is a problem" ?

 

Thanks.


I hope you guys continue to support the phpBB software because I've been using it for awhile and prefer it over IPB or vBulletin, etc. Just for the record it's not just phpBB but all these forum softwares are liable to have vulnerabilities and just because phpBB is open source some people are claiming that's the reason for the exploit but I don't believe that to be true.


Ok, now I'm really confused. I got a notice about Phpbb, but the two boards on my site both use IPB. I did use Phpbb at first but decided I didn't like it. Help?


If you're not actively using phpbb you should delete the dB and the folder for it.

 

We actually found a phpbb install on the TotalChoice Hosting main server that we had used for testing. We simply deleted the dB and the folder for it.

 

Technically we never really did support phpbb. It was simply an add-on script offered by cPanel.

 

Bill


Bill, thank you so much! Sorry for the panic attack, it's been a long, hard day for me and my brain is totally fried right now :tchrocks: I've deleted all the phpbb databases and should only have the two IPB's now :)

If you're not actively using phpbb you should delete the dB and the folder for it.

 

We actually found a phpbb install on the TotalChoice Hosting main server that we had used for testing. We simply deleted the dB and the folder for it.

 

Technically we never really did support phpbb. It was simply an add-on script offered by cPanel.

 

Bill

 

Ok I had a blonde moment :tchrocks: I found a phpbb I set up for my family but they never used it and forgot about it.....I deleted it and the Chat thingy so hope that takes care of this.


Here's a (possibly) tricky one...

 

I'm running a site with a Postnuke module/modded version of phpBB. (PNphpBB2)

It is the latest version of PNphpBB2, but the phpbb isn't - it's 2.0.10

 

A few months ago the folks at PNphpBB gave everyone a heads up about the other security risk (which I updated the forum with) but today I went to their website to see what the word was and...

http://www.pnphpbb.com/

 

*gulp*

 

So for the moment I've taken the forum on the site offline until I can investigate and to see if I can install a patch or an update from phpBB.

But after receiving the warning email - my fear is that you chaps will come along and disable the forum, which is integrated into Postnuke - and which may therefore disable the entire site.

So just a request to your peeps over there - be careful out there. Watch where you put those size nines. :clapping:

Please, and if you could would you mind checking to make sure that there aren't any other databases set up that you aren't using?

 

I do have an extra one, but I think it is from the other board I used to have.

 

How do I know which one to delete?

 

Weezy

Please, and if you could would you mind checking to make sure that there aren't any other databases set up that you aren't using?

 

Rob, in another account I have three databases and I think I only have one forum running from that one? What should I do?

 

Weezy


whoahorse,

 

try checking the config.php file that's in your phpBB root folder to see which database your forum is using then go and delete the others that aren't in use.

 

To upgrade you can try doing that from cPanel if you originally installed your board from there or you can download the software and run the upgrade.php file from the archive and it should upgrade.

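The check described in the post above, as an added example (not part of the original post, and not phpBB or TCH code): it reads the $dbname and $table_prefix assignments from a phpBB 2.0.x config.php and lists the databases that no forum config points at. The sample config, the database names and the function names are constructed for illustration.

```python
import re

# Matches phpBB 2.0.x config.php assignments such as: $dbname = 'acct_phpb1';
_ASSIGN = re.compile(r"""^\s*\$(\w+)\s*=\s*(['"])(.*?)\2\s*;""", re.MULTILINE)


def parse_phpbb_config(php_source):
    """Return the string assignments in a phpBB 2 config.php as a dict."""
    return {name: value for name, _quote, value in _ASSIGN.findall(php_source)}


def unreferenced_databases(config_sources, all_databases):
    """List databases that none of the supplied config.php files point at."""
    in_use = set()
    for src in config_sources:
        cfg = parse_phpbb_config(src)
        if "dbname" in cfg:
            in_use.add(cfg["dbname"])
    return sorted(set(all_databases) - in_use)


# Constructed sample in the layout phpBB 2.0.x writes at install time.
SAMPLE_CONFIG = """<?php
// phpBB 2.x auto-generated config file
$dbms = 'mysql4';
$dbhost = 'localhost';
$dbname = 'acct_phpb1';
$dbuser = 'acct_phpb1';
$dbpasswd = 'not-a-real-password';
$table_prefix = 'phpbb_';
define('PHPBB_INSTALLED', true);
?>"""

# Constructed list, as it would be read off the cPanel MySQL databases page.
SAMPLE_DATABASES = ["acct_phpb1", "acct_phpb2", "acct_ipb1"]

if __name__ == "__main__":
    cfg = parse_phpbb_config(SAMPLE_CONFIG)
    print("forum database:", cfg["dbname"], "| table prefix:", cfg["table_prefix"])
    print("not referenced by any phpBB config:",
          unreferenced_databases([SAMPLE_CONFIG], SAMPLE_DATABASES))
```

A database belonging to another application (the IPB one in the sample) also shows up as unreferenced, so confirm what each listed database is, and back it up, before deleting it.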
Is there a thread somewhere of how to upgrade our forums?

If you installed phpBB through cPanel there should be a one click option to upgrade to 2.0.11

 

If not then check the phpBB site, I'm sure they have instructions. :dance:


I sure hope you made a back-up or perform daily back-ups because if you do then you should be able to fix it yourself in no time at all.


 

I take it that's a no..

 

Do you have any back-ups? If not submit that ticket.

 

I do all install, upgrades, modifications myself that way if something does happen to go wrong I will know what it is and will be able to fix it.

 

Back-ups are integral and should be done daily. You can do it from the Admin panel.

Back-ups are integral and should be done daily. You can do it from the Admin panel.

 

I keep all my HTML on my hard drive at home and work and I have all my website HTML on Disks. I never back up the forum though. I think I read somewhere TCH does regular back ups though?

 

Weezy


Thanks to Abdul Hakeem my forum is working again!

 

My forum was corrupt :dance:

 

But it's better now thanks to a TCH TECHIE!

 

THANKS SO MUCH!

 

I have one other to update.. wish me luck!

 

LOL

 

Weezy


I just realized something whoahorse. I just checked your forum and you are running IPB not phpBB what did you try to upgrade? That could be what caused your problem.

Thanks to Abdul Hakeem my forum is working again!

 

My forum was corrupt  :dance:

 

But it's better now thanks to a TCH TECHIE!

 

THANKS SO MUCH!

 

I have one other to update.. wish me luck!

 

LOL

 

Weezy

 

Abdul rocks :dance:


weezy,

 

in your cpanel look for backup

there you will see under download a database

the names of all your databases

click on each to save a compressed backup of the database.

Later if need be you can upload them on the same cpanel page.


I got an e-mail that says I need to update my PHP forum. I installed it through Cpanel, but now I can't figure out how to upgrade it from Cpanel. Can someone please help me navigate?

I got an e-mail that says I need to update my PHP forum.  I installed it through Cpanel, but now I can't figure out how to upgrade it from Cpanel.  Can someone please help me navigate?

 

Go to the same option you did when you installed it through cPanel you should see an upgrade option. Usually within cPanel there is an option that says "Bulletin Board" choose that.

I just realized something whoahorse. I just checked your forum and you are running IPB not phpBB what did you try to upgrade? That could be what caused your problem.

 

Oh LOL! Thanks! I don't use the format you are talking about. It's good I upgraded though, that forum was corrupt!

 

Weezy
