[plug] PHP vulnerability

Luke Dudney ldlist at westnet.com.au
Wed Feb 23 08:46:07 WST 2005


Kai wrote:

>
> The nicely ordered 1 second intervals between GET requests is what 
> made me think it's prolly an intrusion attempt or, as you've 
> mentioned, a script kiddy.
>
> I don't run phpBB or Awstates so it's all good, just thought I'd 
> comment to the list anyway in case someone else is seeing the same thing.
>
> Cheers
>
> Kai


Speaking of phpBB, a new version was released on Monday which seems to 
fix some security issues. See below.

-----Original Message-----
From: phpBB list [mailto:noreply at phpbb.com] 
Sent: February 21, 2005 15:52
To: phpbb at wildroseweb.net
Subject: phpBB 2.0.12 released


Hi everyone,

phpBB Group announces the release of phpBB 2.0.12. This release
addresses a couple of potential exploits and fixes a number of issues
involving path disclosures, etc. It also introduces a new ACP based
version check (language package maintainers please note the
additional localisation required for this). For further information
please see our announcements forum at www.phpbb.com:

http://www.phpbb.com/phpBB/viewtopic.php?t=265423

As with all new releases we urge you to upgrade as soon as possible.
You can of course find this download available on our website at:

http://www.phpbb.com/downloads.php

As per usual three packages are available to simplify your upgrade.
Upgrade information using the mod template should be available
shortly (for those who prefer this method).





More information about the plug mailing list