I see that phpbb.com was hacked. Just wanted to make sure you were aware of it and don't have the same vulnerability on your server.
http://www.phpbb.com/
Dave.
Hey Ron - Check this out
Thanks Dave.
I got an email from my network op center about this, and it looks like it isn't phpbb, but a (currently undisclosed) 3rd party system that was exploited. I'm thinking it's probably a hole in PHP, since the php.net site is also down.
Anyway, it shouldn't be a problem, since there is no unencrypted private data in the database except for PMs. There's no real reason to worry right now, because the hackers involved are politically motivated, and I'm sure the site won't be targeted. Plus the whole db is backed up nightly, and I keep a week's worth of backups. As soon as there is a security patch for the afflicted system, I'll do the update.
It is baffling that a politically motivated group of hackers is exploiting general public licensed freeware. Maybe they work for Microsoft.
I got an email from my network op center about this, and it looks like it isn't phpbb, but a (currently undisclosed) 3rd party system that was exploited. I'm thinking it's probably a hole in PHP, since the php.net site is also down.
Anyway, it shouldn't be a problem, since there is no unencrypted private data in the database except for PMs. There's no real reason to worry right now, because the hackers involved are politically motivated, and I'm sure the site won't be targeted. Plus the whole db is backed up nightly, and I keep a week's worth of backups. As soon as there is a security patch for the afflicted system, I'll do the update.
It is baffling that a politically motivated group of hackers is exploiting general public licensed freeware. Maybe they work for Microsoft.
... and then the wheel fell off.
