nanog mailing list archives
Re: Sanity worm defaces websites using php bug
From: sgorman1 () gmu edu
Date: Tue, 21 Dec 2004 16:01:30 -0500
there is this from f-secure with some detail of after effects. http://www.f-secure.com/v-descs/santy_a.shtml ----- Original Message ----- From: cw <nanog () fidei co uk> Date: Tuesday, December 21, 2004 3:47 pm Subject: Re: Sanity worm defaces websites using php bug
Does anyone have any more detail on exactly what this thing does after it gets into a system? The cgi platform for a company I use has been hit and the effect is not just limited to phpBB, it seems to get into the server and then go through everything it can write to.. I lost a copy of UBB to this worm even though I don't rund phpBB off the same vhost. Gonna be a nightmare for server ops to ensure that all client copies of phpBB are patched..
Current thread:
- Sanity worm defaces websites using php bug Fergie (Paul Ferguson) (Dec 21)
- Re: Sanity worm defaces websites using php bug Dan Hollis (Dec 21)
- Re: Sanity worm defaces websites using php bug cw (Dec 21)
- Re: Sanity worm defaces websites using php bug Dave Dennis (Dec 21)
- Re: Sanity worm defaces websites using php bug Gadi Evron (Dec 21)
- Re: Sanity worm defaces websites using php bug Paul G (Dec 21)
- Re: Sanity worm defaces websites using php bug Gadi Evron (Dec 21)
- Re: Sanity worm defaces websites using php bug cw (Dec 21)
- Re: Sanity worm defaces websites using php bug Gadi Evron (Dec 22)
- <Possible follow-ups>
- Re: Sanity worm defaces websites using php bug sgorman1 (Dec 21)
- Re: Sanity worm defaces websites using php bug sgorman1 (Dec 21)
- Re: Sanity worm defaces websites using php bug Dan Hollis (Dec 21)