PDA

View Full Version : awstats exploit takes down phpbb



moonshield
02-09-2005, 07:15 PM
It appears that Awstats exploit has broughten down phpbb.com, so if you use Awstats it would be best to update it. The exploit allows an attacker to gain root access and wreak havoc.

lz83ny
02-10-2005, 10:45 AM
I heard about it, too. Some people just don't know what to do with their lives. I think phpbb is a great open source project and they deserve to be respected and not hacked. But I think you're right in order to stop such activities in the first place, we need to update our software as often as possible.

bassplaya
07-16-2005, 03:32 PM
feeling more comfortable with punBB board rather than phpBB -- not so heavy

James
07-16-2005, 05:01 PM
I dunno, something just seems wrong with punBB. It scares me.

Cutter
07-16-2005, 05:39 PM
The crazy thing is these hackers are smart enough to make a lot of money legally, or at least they should be.

James
07-16-2005, 05:55 PM
The crazy thing is these hackers are smart enough to make a lot of money legally, or at least they should be.
Hell some hackers are millionares because they switched to using what they know about getting into places to protecting companies from people doing the very same thing they'd do to hack them.

Nintendo
07-18-2005, 02:46 AM
So why do you guys use phpbb when it's hacked monthly. psst, you get what you pay for. Hint: Try vBulletin. :D

moonshield
07-18-2005, 07:55 AM
php was not hacked in this case but awstats was.

Emancipator
07-18-2005, 12:45 PM
yeah i got hit by that and i switched to vbulletin...

bassplaya
07-18-2005, 01:06 PM
better find some Urchin-powered hosting)

moonshield
07-18-2005, 03:52 PM
or just update your software when new releases come out.

bassplaya
07-18-2005, 03:56 PM
that's the pain -- supporting about NN forum installations, a number of CMSes etc
thinking of allthat running from single codebase to ease maintenance - ie 1 update for all

James
07-18-2005, 04:10 PM
Well, not everyone has the exact same setup as you. So that's a little tough to do.

moonshield
07-18-2005, 04:15 PM
The awstats release that the phpbb team was using was several versions behind.

bassplaya
07-18-2005, 04:17 PM
James, they're not on the same server -- it's just the dream(