On Wed, 4 Jan 2006, Craig Skinner wrote:
On Wed, Jan 04, 2006 at 05:28:38PM +0100, Joachim Schipper wrote:There was a phpBB2 in one of the paths used. If you have phpBB enabled somewhere, that's a likely attack vector.I noticed that too. phpBB has been used for many sorts of tricks.
A recent rundown of the numerous phpBB vulnerabilities can be found here:
http://www.linuxsecurity.com/content/view/121073 BTW, is the web server in question being started with the "-u" flag? -- Ian