Open source tool put on red alert

Hundreds of thousands of websites may be at risk after hackers discovered a vulnerability in a popular web server program.

Users running PHP Nuke, a free open source tool for database-based websites, were put on red alert yesterday when it was discovered that hackers were exploiting a recently discovered flaw in the code to take control of servers.

The glitch exists in all versions of PHP Nuke and allows unauthorised users to copy files to and from the web server and possibly gain control of the machine.

There are over 22,000 users registered at the program's PHPNuke.org website but it is thought that there may be hundreds of thousands of sites running the vulnerable software.

In fact, the rogue hacker who defaced over a dozen websites earlier this week in the name of vigilante group YIHAT is thought to have exploited this very same bug. Another hacker called Tzunami has defaced almost 100 sites in the past week apparently using this vulnerability.

Security site Alphaque also has an interesting article about an intruder using the exploit to break into its site, getting caught red handed and trapped in a honey pot.

An advisory on the bug was recently released by hacker group TWLC, which claims to have discovered the bug, along with a workaround for patching it.

"Just don't try to be a script kiddie or we simply won't post anymore of these kinds of advisories," warned the group. "We wrote this advisory to help people who run PHP Nuke and not to let you have fun."