On Mon, Dec 27, 2004 at 11:50:52AM +0100, Mailings wrote:

Not that I'm accusing anybody of anything here, but can somebody please explain who is telling the truth here? The phpBB site is stating that the problem is PHP. As I've already upgraded to the 4.3.10 version of PHP (I install Apache and PHP myself from the source), I'm assuming that I'm safe.

The trendmicro link the original poster refered to explicitly states phpBB at fault. check: http://sourceforge.net/project/shownotes.php?group_id=7885&release_id=283691 There definitely is a PHP vulnerability, but the Santy.A worm does not use it, it uses the phpBB vulnerability in phpBB version prior to phpBB 2.0.11. Ciao, Marcus