Sanity worm defaces websites using php bug
sgorman1 at gmu.edu
sgorman1 at gmu.edu
Tue Dec 21 21:01:30 UTC 2004
there is this from f-secure with some detail of after effects.
http://www.f-secure.com/v-descs/santy_a.shtml
----- Original Message -----
From: cw <nanog at fidei.co.uk>
Date: Tuesday, December 21, 2004 3:47 pm
Subject: Re: Sanity worm defaces websites using php bug
>
> Does anyone have any more detail on exactly what this thing does
> after
> it gets into a system?
>
> The cgi platform for a company I use has been hit and the effect
> is
> not just limited to phpBB, it seems to get into the server and
> then go
> through everything it can write to..
>
> I lost a copy of UBB to this worm even though I don't rund phpBB
> off
> the same vhost.
>
> Gonna be a nightmare for server ops to ensure that all client
> copies
> of phpBB are patched..
>
>
More information about the NANOG
mailing list