You are missing our premiere tool bar navigation system! Register and use it for FREE!

NukeCops  
•  Home •  Downloads •  Gallery •  Your Account •  Forums • 
Readme First
- Readme First! -

Read and follow the rules, otherwise your posts will be closed
Modules
· Home
· FAQ
· Buy a Theme
· Advertising
· AvantGo
· Bookmarks
· Columbia
· Community
· Donations
· Downloads
· Feedback
· Forums
· PHP-Nuke HOWTO
· Private Messages
· Search
· Statistics
· Stories Archive
· Submit News
· Surveys
· Theme Gallery
· Top
· Topics
· Your Account
Who's Online
There are currently, 432 guest(s) and 0 member(s) that are online.

You are Anonymous user. You can register for free by clicking here
Be Advised!: New Santy Strain Attacks All PHP Web Scripts!
SecurityZhen-Xjell writes "Folks, it seems that Santy worm has taken on a new strain. It also searches Yahoo now in addition to Google, but it looks for any PHP scripts with all possible arguments passed thru in the HTTP GET. This worm tries all arguments in your PHP script to throw in a shell commands that access a particular website, download some text files into /tmp, and then execute them using Perl...

SOURCE: http://castlecops.com/article-5640-nested-0-0.html (Full Story)
Posted on Saturday, December 25 @ 18:45:40 CET by VinDSL
 
Related Links
· Computer Cops
· More about Security
· News by VinDSL


Most read story about Security:
PHP-Nuke admin.php security hole - PATCHED

Article Rating
Average Score: 5
Votes: 1


Please take a second and vote for this article:

Excellent
Very Good
Good
Regular
Bad


Options

 Printer Friendly Page  Printer Friendly Page

 Send to a Friend  Send to a Friend

Threshold
The comments are owned by the poster. We aren't responsible for their content.

No Comments Allowed for Anonymous, please register

Re: Be Advised!: New Santy Strain Attacks All PHP Web Scripts! (Score: 1)
by Zhen-Xjell on Sunday, December 26 @ 02:03:52 CET
(User Info | Send a Message) http://castlecops.com
Hey nice to see it up here, thanks Vin. Please note, I've noticed folks filtering incorrectly on "echr", etc. Reasoning why this is invalid is in the link you give above, in the comment section. I added on more details there.

Please folks, do not filter on "echr", or the like. That is invalid logic.



Re: Be Advised!: New Santy Strain Attacks All PHP Web Scripts! (Score: 1)
by spcdata on Sunday, December 26 @ 02:32:35 CET
(User Info | Send a Message) http://www.nextnet.se
Hi! a little question, if perl is not used there is no worry?


Powered by TOGETHER TEAM srl ITALY http://www.togetherteam.it - DONDELEO E-COMMERCE http://www.DonDeLeo.com - TUTTISU E-COMMERCE http://www.tuttisu.it
Web site engine's code is Copyright © 2002 by PHP-Nuke. All Rights Reserved. PHP-Nuke is Free Software released under the GNU/GPL license.
Page Generation: 0.092 Seconds - 179 pages served in past 5 minutes. Nuke Cops Founded by Paul Laudanski (Zhen-Xjell)
:: FI Theme :: PHP-Nuke theme by coldblooded (www.nukemods.com) ::