Exploit-phpBB!hilight

Content

Exploit-phpBB!hilight

Type: Trojan
SubType: Exploit
Discovery Date: 12/25/2004
Length: Varies
Minimum DAT: 4417 (12/29/2004)
Updated DAT: 4775 (06/01/2006)
Minimum Engine: 5.1.00
Description Added: 12/26/2004
Description Modified: 12/26/2004 6:39 PM (PT)

Risk Assessment

Corporate User: Low
Home User: Low

Tab Navigation

Characteristics

This is a generic detection covering Perl scripts that attempt to exploit a highlighting vulnerability in phpBB software (such as the Perl/Santy.worm and variants). For information on the vulnerability, see:
http://secunia.com/advisories/13239

Symptoms

Vary. Scripts exploiting this vulnerability can perform a wide variety of tasks.

Method of Infection

This detection covers scripts attempt to exploit a vulnerability in phpBB 2.x. Administrators are urged to upgrade to the latest version, 2.0.11, that is not vulnerable:
http://www.phpbb.com/downloads.php

Removal

All Users:
Use current engine and DAT files for detection. Delete any file which contains this detection.

Variants

N/A

All Information

Overview -

This is a trojan detection. Unlike viruses, trojans do not self-replicate. They are spread manually, often under the premise that they are beneficial or wanted. The most common installation methods involve system or security exploitation, and unsuspecting users manually executing unknown programs. Distribution channels include email, malicious or hacked web pages, Internet Relay Chat (IRC), peer-to-peer networks, etc.

Characteristics

Characteristics -

Symptoms

Symptoms -

Vary. Scripts exploiting this vulnerability can perform a wide variety of tasks.

Method of Infection

Method of Infection -

Removal -

All Users:
Use current engine and DAT files for detection. Delete any file which contains this detection.

Variants

Variants -

N/A

McAfee > Theat Center > Virus Detail Page

Navigation

Utility Navigation

Content