Re: New Santy-Worm attacks *all* PHP-skripts

["Ronny Vaningh" <ronny netrusion com>]

Hi

I informed isc.sans.org about this on saturday morning but they failed to
explicitly mention that it wasn't only phpBB related

However setting register_globals to Off doesn't protect you completly

The script could be modified to use fopen to download the "sploit"

http://www.php-space.info/webmaster-news-3.php

There is some "less heavy" exploiting in the wild seen using this