If anyone running outdated or insecure php scripts could update them or disable them it would be greatly appreciated. One server we just checked had quite a few outdated scripts running. For instance php bb which is one of the worst to leave even one build behind is showing a lot of outdated builds on the one server we've checked so far:
Latest 2.0.22
Version: 2.0.4, (usernames removed) /forum/
Version: 2.0.21, /fourm/
Version: 2.0.2, /forum/
Version: 2.0.2, /forum/
Version: 2.0.19, /forum/
Version: 2.0.19, /forums/
Version: 2.0.18, /main/
Version: 2.0.5, ./modules/P/NphpBB2/
Version: 2.0.21, /bb/
Version: 2.0.2, /forum/
Version: 2.0.2, /forum/
Version: 2.0.11, modules/DForum/
Version: 2.0.20, /forums/
Version: 2.0.17, /forum/
Version: 2.0.2, /legacy/
Version: 2.0.1, /
Version: 2.0.2, /forum/
Version: 2.0.0, /theo.../
Version: 2.0.4, /forum/
Version: 2.0.2, /premium/
Version: 2.0.6, /tst/
Version: 2.0.21, /forum/
Version: 2.0.20, /forum/
Version: 2.0.19, /forum/
Version: 2.0.20, /board/
Version: 2.0.19, /forum/
Version: 2.0.6, /forum/
Version: 2.0.21, /discuss/
Version: 2.0.21, /discussion/
Version: 2.0.21, /board/
Version: 2.0.17, /pcs/
Version: 2.0.0, /forum/
phpbb.com site is down due to hardware failure right now, and they say they will be down for days. But there is a link to get the newest version
there
It isn't only phpbb though. Looking through a lot of defaced sites and servers at other hosting companies brings up (almost exclusively) sites running all of the major mass distributed php scripts. Joomla, et. al. and there are recent advisories out on many of the common scripts.
We have a slight amount of breathing room due to the fundamental security changes we made about this time last year which wreaked havock and caused a lot of customers to either abandon insecure scripts or move to one of those servers that are getting hacked right now.
We'll be adding some inline IDS hardware pretty soon (probably tomorrow) to make sure we stay on top of potential problems.
The real time logs (here) are showing increased sophistication and mod_security is begining to be breached although we are updated to the latest possible build and slightly into the experimental side of that code with patches. The hackers never give up and another Bushism comes to mind "they only need to be right once"
www.zone-h.org - Digital Attacks Archive: today's verified attacks
Linear Mode
