Погледнете го ова, може нема да влијае на багра, ама некој ќе треба добро да внимава

kaspersky Lab has detected a new worm, Net-Worm.Perl.Santy.a. This worm infects
certain web sites by exploiting a vulnerability in phpBB, a popular
package used to create Internet forums. Santy.a is spreading rapidly,
and has caused an epidemic. However, this does not directly affect end
users - although the worm infects web sites, it does not infect
computers used to view these sites.

Santy.a is something of a novelty - it creates a specially formulated
Google search request, which results in a list of sites running
vulnerable versions of phpBB. It then sends a request containing a
procedure which will trigger the vulnerability to these sites. Once the
attacked server processes the request, the worm will penetrate the
site,
gaining control over the resource. It then repeats this routine.

Once the worm has gained control over a site, it will scan all
directories on the infected site. All files with the extensions .htm,
.php, .asp, .shtm, .jsp and phtm will be overwritten with the text
'This
site is defaced!!! This site is defaced!!! NeverEverNoSanity WebWorm
generation'.

Apart from defacing infected sites with this text, the worm has no
payload. It will not infect machines which are used to view infected
sites. Kaspersky Lab recommends that all users of phpBB should upgrade
to version 2.0.11 to prevent their sites from being defaced.

An urgent update to Kaspersky Anti-Virus databases has already been
issued. Information about Santy.a can be found in the Kaspersky Virus
Encyclopaedia.

Using MSN to search for sites containing the above strings gives an extensive list of sites; evidence that Santy.a is currently causing an epidemic.

Users should note that this worm is not dangerous; it will not infect computers if users view an infected site.

[Сменето на 21/12/2004 од human_id]