Anti-Santy Worm Patches phpBB Flaw 245
sebFlyte writes "Interesting Santy worm story -- there's now an anti-Santy worm proliferating, which spreads the same way as a normal worm, but rather than killing machines or taking control of them, it gives them security updates..." We mentioned the Santy worm about ten days ago.
Not very benificial (Score:5, Informative)
Re:White Knight Viruses/Worms? (Score:3, Informative)
IIRC, this caused as much damage as a normal worm. It crashed systems, destroyed windows installations, etc. etc.
Nice thought but... (Score:2, Informative)
Below are 2 sites that as of this posting have:
viewtopic.php secured by Anti-Santy-Worm V4
Your site is a bit safer, but upgrade to >= 2.0.11 !!
Upgrsrv:201.255.84.219/
http://www.ifotografi.it/secure.php/ [ifotografi.it]
http://www.forum.moto-portal.pl/secure.php/ [moto-portal.pl]
The Code (Score:5, Informative)
This is the code of the worm extracted from a vulnerable box.
# asw: anti santy worm
# this worm will try to fix any viewtopic.php on local box
# will use this box for 1 day to search other buggy phpBB forums, and end.
etc...
Re:which brings up another question... (Score:2, Informative)
Re:Concealed ends? (Score:2, Informative)
i am wholeheartedly against "benevolent worms".
Re:Security update? (Score:1, Informative)
The open door analogy is flawed because it operates under the pretense that an open door is faulty. A door can be open by design. A programming bug is not open by design. It is an error, just like a tumbler on a closed door which fails under physical pressure.