On TechRepublic: 12 tech terms that make you sound old
BNET Business Network:
BNET
TechRepublic
ZDNet

February 4th, 2009

phpBB.com hacked; Details scarce

Posted by Ryan Naraine @ 12:13 pm

Categories: Arbitrary Code Execution, Browsers, Data theft, Exploit code, Open source, Patch Watch, Pen testing

Tags: Vulnerability, Home Page, Security, Open Source, Ryan Naraine

[ UPDATE: A reader e-mailed a link to this blog describing a blow-by-blow attack against phpBB.com. ]

One of the most widely used open-source bulletin board system in the world has been attacked by malicious hackers.

According to a brief “maintenance” notice posted on the phpbb.com home page (screenshot below), the attack occurred through a vulnerability in an outdated PHPList installation.

No other details were offered.   On the bright side, the phpBB maintainers said no vulnerabilities were found in the phpBB software itself.

The phpBB.com home page and related sites are currently unavailable.

Ryan NaraineRyan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal. Here is Ryan's full profile and disclosure of his industry affiliations.


Email Ryan Naraine

For daily updates on Ryan's activities, follow him on Twitter.

Subscribe to Zero Day via Email alerts or RSS.

Talkback

Add your opinion

SponsoredWhite Papers, Webcasts, and Downloads

advertisement

Recent Entries

advertisement

Archives

Favorite Links

ZDNet Blogs

White Papers, Webcasts, and Downloads

Enterprise Applications

  • Check out some of the easiest and most powerful ways to boost productivity while saving money on your application infrastructure. See ZDNet's comprehensive Enterprise Application resource center, now!
  • New Online Dashboard
  • Read about top issues IT decision-makers face every day, plus get cost effective solutions to real life IT problems. Oracle Topline