Full Disclosure mailing list archives

Re: Security of phpBB

From: bugtraq () cgisecurity net
Date: Mon, 20 Jun 2005 08:30:28 -0400 (EDT)


Hi,

I am new to this list and to security in general so please excuse my 
question. A friend told me that our forum software phpBB is not very secure 
and told me about this. Where can I get information on that? What must I do


www.securityfocus.com has an archive of just about every phpbb issue. You probably also
want to check the vendor changelog at www.phpbb.com.

to make it secure?


Uninstall it. In all seriousness I'd say phpbb and phpnuke have some of the worst track records 
for a web application ever.

- admin () cgisecurity com
http://www.cgisecurity.com


Thank you.

Kind regards,
Tom Edwards, Manager

_________________________________________________________________
MSN Hotmail. Anmelden und gewinnen! http://www.msn.de/email/webbased/ Ihre 
Chance, eines von 10 T-Mobile MDA II zu gewinnen!

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Security of phpBB Tom Edwards (Jun 20)
- Re: Security of phpBB bugtraq (Jun 20)
- Re: Security of phpBB Moritz Naumann (Jun 20)
  - Re: Security of phpBB Daniel (Jun 20)
    - Re: Security of phpBB Tom Edwards (Jun 20)
- Re: Security of phpBB Aaron Horst (Jun 20)
- Re: Security of phpBB milw0rm Inc. (Jun 20)
  - Re: Security of phpBB nick johnson (Jun 21)
    - Re: Security of phpBB milw0rm Inc. (Jun 21)
    - Re: Security of phpBB nick johnson (Jun 21)
- <Possible follow-ups>
- Re: Security of phpBB nick johnson (Jun 20)