[Discussion] Downtime and Server Compromise
Forum rules
Discussion of general topics related to the new release and its place in the world. Don't discuss new features, report bugs, ask for support, et cetera. Don't use this to spam for other boards or attack those boards!
Discussion of general topics related to the new release and its place in the world. Don't discuss new features, report bugs, ask for support, et cetera. Don't use this to spam for other boards or attack those boards!
Re: [Discussion] Downtime and Server Compromise
If you are not running PHPList, you do not need to patch anything.
My phpbb.com account
Note that any of my opinions expressed in RFC topics are my own and not necessarily representative of the opinion of the phpBB Team.
Note that any of my opinions expressed in RFC topics are my own and not necessarily representative of the opinion of the phpBB Team.
Re: [Discussion] Downtime and Server Compromise
how to check that i used phplist?
- darcie
- Community Team
- Posts: 189
- Joined: Mon Mar 12, 2007 7:32 pm
- Location: Davis, California
- Contact:
Re: [Discussion] Downtime and Server Compromise
This would have been a separate install you would have downloaded from phplist.com. It is not related to phpBB, it simply also uses PHP and it was something that phpBB.com had installed.
Re: [Discussion] Downtime and Server Compromise
If you are asking that question then I would say it is a safe bet that you are not using phplist
Re: [Discussion] Downtime and Server Compromise
THANKS GOD FOR THAT..
Can someone elaborate what this phplist do?
Can someone elaborate what this phplist do?
Re: [Discussion] Downtime and Server Compromise
it is a mailing list software for sending things out like news letters
Re: [Discussion] Downtime and Server Compromise
It is a mailing list script. It was used for the update notifications.
That being said, this topic is not for discussing PHPList -- it is for discussing the announcement Marshalrusty posted. Please keep on that topic.
Thanks.
That being said, this topic is not for discussing PHPList -- it is for discussing the announcement Marshalrusty posted. Please keep on that topic.
Thanks.
My phpbb.com account
Note that any of my opinions expressed in RFC topics are my own and not necessarily representative of the opinion of the phpBB Team.
Note that any of my opinions expressed in RFC topics are my own and not necessarily representative of the opinion of the phpBB Team.
Re: [Discussion] Downtime and Server Compromise
Its a mailing list and sends many emails to subscribers. We use it to notify people of new phpBB versions.parasolx wrote:THANKS GOD FOR THAT..
Can someone elaborate what this phplist do?
Re: [Discussion] Downtime and Server Compromise
Oic.. so attackers have entered through phplist to access all phpbb.com database. Then he could review all the private data which not allow being see by registered users.
If that happen, why phpbb.com have closed the board? Because it only can view the private data only, not edit any phpbb files?
If that happen, why phpbb.com have closed the board? Because it only can view the private data only, not edit any phpbb files?
Re: [Discussion] Downtime and Server Compromise
The only thing they could have really gotten their hands on would be the email usernames correct or would they be able to obtain passwords to with the exploit?