Joeychgo
01-09-2005, 12:20 PM
As many of you will be aware, sites running phpBB have been dropping like flies over the past few days, due to a vulnerability in older versions of phpBB.
BBC news article (http://news.bbc.co.uk/1/hi/technology/4117711.stm)
While vBulletin itself is not vulnerable to attack, if your vBulletin is installed on a shared server that also hosts vulnerable phpBB boards, you could find that your board suffers collateral damage from the phpBB attacks.
If the phpBB vulnerability is attacked, it will attempt to replace every .htm, .php and .asp file with a defaced version.
If your vBulletin could possibly be installed on a server also hosting vulnerable phpBB boards, we would recommend that you take a few moments to ensure that your script files are not globally writable.
Source: vBulletin.com (http://www.vbulletin.com/forum/showthread.php?t=124008)
BBC news article (http://news.bbc.co.uk/1/hi/technology/4117711.stm)
While vBulletin itself is not vulnerable to attack, if your vBulletin is installed on a shared server that also hosts vulnerable phpBB boards, you could find that your board suffers collateral damage from the phpBB attacks.
If the phpBB vulnerability is attacked, it will attempt to replace every .htm, .php and .asp file with a defaced version.
If your vBulletin could possibly be installed on a server also hosting vulnerable phpBB boards, we would recommend that you take a few moments to ensure that your script files are not globally writable.
Source: vBulletin.com (http://www.vbulletin.com/forum/showthread.php?t=124008)
