____/ Linonut on Friday 14 March 2008 17:05 : \____
> * Erik Funkenbusch peremptorily fired off this memo:
>
>> On Thu, 13 Mar 2008 22:12:53 +0000, Roy Schestowitz wrote:
>>
>>> This was found last night. My very out-of-date installation of phpBB got
>>> exploited (first time any of my software gets exploited in 7 years of
>>> running
>>> sites on BSD and Linux). I've cleaned most stuff up, but I'm styill
>>> working with the Web host to get rid of what's left. Script kiddies snuck
>>> in extra markup that points to some other domain (via iframe) -- whatever
>>> it actually does. This will be resolved by the weekend.
>>
>> So, in other words, Roy's own web site became one of those "zombies" he
>> always accuses Microsoft software of being.
>>
>> That's priceless.
>
> Only if you don't like Roy.
It's not a zombie. An iframe was injected which made contact with another site.
The issue is now resolved. It wouldn't surprise me if it turned out that tens
of hundreds of thousands of sites are affected, including Windows ones. I know
this from my Web host. It's chaos and the press publishes a lot of articles
about it at the moment.
--
~~ Best of wishes
Roy S. Schestowitz | "Disk quota exceeded; sig discontinued"
http://Schestowitz.com | GNU is Not UNIX | PGP-Key: 0x74572E8E
http://iuron.com - proposing a non-profit search engine
|
|
