UBB.threads PHP Forum Software Community Forums UBB.threads 6 Version 6 Support A new WORM attacking PHP boards? PLEASE READ!!!

I've heard that there is a new worm attacking php boards, totally ripping them apart.

How safe is UBB.Threads??? Anyone have any idea about this?

Here is the link to what I've found on it so far:

http://developers.slashdot.org/article.pl?sid=04/12/17/1641212&tid=169&tid=172

It got one of the Threads 6.4 boards that I administer and destroyed it.

It didn't effect the SQL data, so upgrading to Threads 6.5 got it running again. I'm told that 6.4 is more secure.

This worm only infects phpBB boards, and exploits a bug only present in phpBB.

The worm works on the server level, and will try to overwrite any file present on the server with itself. If your UBB.threads board was hit, it was because there's a phpBB somewhere else on the server.

I repeat, it is NOT possible for UBB.threads to be the vector for this worm.

One thing you SHOULD be worried about is old PHP versions. Like everyone else, we use the serialize()/unserialize() functions in UBB.threads. A malicious user could pass in data to UBB.threads to exploit a PHP security problem in these functions. There is nothing we can do to filter this data effectively. We urge all server owners to upgrade to PHP 4.3.10 immediately.

The phpBB worm and the serialize/unserialize issue are not connected.