[Dshield] Anybody notice a lot of cross-site scriptinghackattempts against phpBB sites?

Brenden Walker BKWalker at drbsystems.com
Mon Oct 3 12:04:56 GMT 2005


After further analysis, this exploit attempt seems to be aimed at
PHP-Nuke websites with phpBB installed..

Seemed to go away after a couple of hours of attempts. 

> -----Original Message-----
> From: list-bounces at lists.dshield.org 
> [mailto:list-bounces at lists.dshield.org] On Behalf Of Ed Truitt
> Sent: Friday, September 30, 2005 9:15 AM
> To: General DShield Discussion List
> Subject: Re: [Dshield] Anybody notice a lot of cross-site 
> scriptinghackattempts against phpBB sites?
> 
> There have been lots of vulns reported against phpBB 
> recently, and exploits galore.  I look at the phpBB home site 
> at least weekly, in case a new version has come out since I 
> went to bed...
> 
> -EdTr.
> -----Original Message-----
> From: "Brenden Walker" <BKWalker at drbsystems.com>
> Date: Thu, 29 Sep 2005 10:27:56
> To:"General DShield Discussion List" <list at lists.dshield.org>
> Subject: [Dshield] Anybody notice a lot of cross-site scripting hack
> 	attempts against phpBB sites?
> 
> Thought this might fit here, I just had 5 attempts in the 
> last few minutes to backup my database remotely (blocked of 
> course, no problem there). The weird thing is the places it's 
> coming from:
> 
> 82.197.66.29
> 217.172.161.128
> 72.3.245.154
> 64.40.106.88
> 66.159.16.8
> 
> 
> Seems fairly scattered around.. Weird...
> 
> _________________________________________
> Using .Net? Need to know more about .Net Security?
> http://isc.sans.org/banner_count.php?dest=dotnet
> 
> _______________________________________________
> send all posts to list at lists.dshield.org To change your 
> subscription options (or unsubscribe), see: 
> http://www.dshield.org/mailman/listinfo/list
> 
> Cheers,
> -E D Truitt
> 
> Sent via my BlackBerry from Cingular Wireless 
> _________________________________________
> Using .Net? Need to know more about .Net Security?
> http://isc.sans.org/banner_count.php?dest=dotnet
> 
> _______________________________________________
> send all posts to list at lists.dshield.org To change your 
> subscription options (or unsubscribe), see: 
> http://www.dshield.org/mailman/listinfo/list
> 



More information about the list mailing list