Topic: phpBB Site Cracked, Developers Locked Out

The server hosting the main site for the phpBB bulletin board has been cracked, leaving the development team locked out of its primary server. The open source project's web site was compromised using a vulnerability in a separate program, AWStats, which was announced Jan. 17 and has also been used to hack several popular weblogs in recent days.

The phpBB.com site blamed the intrusion on "a group of politically motivated hackers" wishing to publicize an agenda. "While the group who did this say they changed only a single password, we have lost all access to the server," the phpBB.com team states. "This means we cannot access the system even in single user mode." The compromised server is being shipped from the project's data center to its server manager, meaning the site is unlikely to be restored immediately.

phpBB is among the web's most popular bulletin board programs, with more than 150,000 registered members of its user forum. In recent months it has been in the news for security issues, including the defacing of numerous phpBB sites by the Santy worm and the release of code that can exploit weaknesses in PHP to steal administrative passwords for phpBB forums.

Last October the web site of another open source content management system, PostNuke, distributed hacked code for more than 32 hours before site maintainers addressed the security breach. The compromise was blamed on an insecure third-party application.

http://news.netcraft.com/archives/2005/ … d_out.html

2 (edited by Dr.Jeckyl 2005-02-11 17:40)

Re: phpBB Site Cracked, Developers Locked Out

I find it interesting that they (phpBB and Nuke) both blamed it on "3rd party" programs before they even knew for certain what has happened. I read that some net hosts are pulling and/or forcing their customers not to use the latest version of phpBB until this is resolved. Interesting nonetheless.

~James
FluxBB - Less is more

3

Re: phpBB Site Cracked, Developers Locked Out

On December 25, my sites were attacked using a Perl worm; I had to use an .htaccess file to stop the attack. Nothing happened but my bandwidth was suffering. On February 9th, the attacks began anew.

If the phpBB claims are correct, then there would be many sites affected by an AWStats vulnerability.

4

Re: phpBB Site Cracked, Developers Locked Out

And indeed on my web host, many non-phpBB sites were indeed affected at the first go-round. The host put it down to the awstats vuln.