What we can learn from yesterday's phpBB.com hack

Yesterday the phpBB.com server got hacked. People who, like me, were there back in the days of phpBB2 will be reminded of the security flaws found in the software back then. However, this was not the cause of this hack. It was an unpatched version of another PHP package that caused the hack, which exposed amongst other things the full user database and several server passwords.

posted on February 2, 2009 - 0 comment(s) - tags: php, security, hack, phpbb

Php5_zce_logo

Tags

1337 2008 2010 2011 4developers access modifiers accessibility AdaLovelaceDay09 advent agavi agile alfred amsterdam amsterdamphp apache api apple article articles atk atkMetaNode audioscrobbler autoloading automation azure backwards compatibility barcelona barcodes bash bbc bbq beatstad belgium best practices bittorrent blogging blogs boards of canada book books bughuntday bundle caching cake cal evans calendar career cat cerf certificate cfp cilex clear cms cologne common sense communities community components composer conference conferences contest continuous integration contribute contribution crisis css curl custom d-day data migration datetime DbFinderPlugin decorator decorators deployment deps devdays development directoryindex directoryiterator docblox doctrine doctrine2 documentation download dpc dpc09 dpc10 dpc11 DPC2008 dreamhost drupal dv7 eclipse ed editors efficiency enterprise errors event events expertise ezcomponents facebook filter-branch filteriterator finland flickr fork framework frameworks free ticket freelance freeze frontend fun game games geoip germany getting real git github globiterator gnome-do google google calendar googletalk graceful degradation hack hackers hidden gem hiphop howto hp HR html http i386 ibuildings icann ide ideasofmarch idm imovie inclusivity indy ingewikkeld integration international php conference internet interview ipad IPC ipc ipc08 ipc10 ipc11se iterators iterm2 javascript jenkins jenkins-php job job openings jobeet john peel joomla joomladays kiva kubuntu launcher launchy left on the web libcurl libraries library lighttpd lime linktuesday linux live london loudblog m2ts mac magazines malware mambo manchester marjolein mediterra meeting meme meta methodology micro-financing microframework microsoft migration movie music mysql namespace namespaces netbeans netherlands newsfire nllgg northeastphp nos odmarco open source opinion ORM osx paradiso paris partnership pavilion pear pecl performance personal pfc10 pfc11 pfcongres pfcongrez pfz pfz.nl photo php PHP php5.3 phpabstract phpazure phpBB phpbb phpbelgium phpbenelux phpbnl10 phpday phpdoc phpdocumentor phpgg phpitalia phpnw phpnw08 phpnw11 phpnw12 phpstorm phptek phptek09 phpuk2009 phpUnderControl phpunit php|architect php|tek podcast politics portability postcrossing presentation presentations private projects protected prototype PSR-0 public python qa qr codes re2c recruiting refactoring review rewrite ruby on rails san francisco schedule scifi script security sensio seven things sexism sfdaycgn sflive2011 shell scripting silex simplexml slides smfony software sogeti solar sound speakers spl ssh standard standards star trek static steer strings stylesheets subversion symfony symfony live symfony2 Symfony2 symfonycamp symfonyday symfonylive symfonyUnderControlPlugin talk talks tech techademy technology techportal tek09 telecommuting terratec terrorism testfest testing textmate textpattern the right tool timeout tips tld todo tomas tools training twig uncon unet usability usergroup validation vhost video vim vinyl virus warp webinar weblogging webservices wiki windows winphp women wordpress work workshop world world of warcraft wpi writing wunderlist xml xpath xsd yara year youtube zc11 ZCE zemanta zend zend framework zend server zend studio zendcon Zend_Form zite
© 2004 - 2013 Stefan Koopmanschap + Powered by Symfony, photos powered by Flickr, links powered by Delicious, Shanghai smilies by Iconbuffet. Feeds: rss / atom. Left on the Web v4.4.0.1