[LA.pm] udp.pl

Peter Benjamin pete at peterbenjamin.com
Mon Mar 7 22:09:27 PST 2005


At 02:43 PM 3/7/2005, David Crean wrote:
>Hey,
>
>I had sent a message about a perl spike on a cpu.  Appearently, this is due to a worm that takes advantage of a vulnerability in phpbb, attached to a file called udp.pl.  Anyone have any experience with it?


I've heard it puts root back doors in.
My advice is to research how to recovery.
What I've heard on other lists is to format
the hard drive and reinstall to eliminate
all back doors.  If phpbb was not fully
chrooted...



More information about the Losangeles-pm mailing list