paulroberts3000 - 8:48 pm on Dec 23, 2004 (gmt 0)
it's actualy a php exploit, PHP should be upgraded to 4.3.10, phpbb and other forum software is just one way in. This realy should have been taken care of by the hosting companies running the servers before the attacks not after, I was attacked and don't even run phpbb on the sites affected.
Recently a serious exploitable issue was discovered in PHP (the scripting language in which phpBB, IPB, vB, etc. are written) versions prior to 4.3.10. The problematical functions include unserialize and realpath. phpBB (along with a great many other scripts including IPB, vB, etc.) use these two functions as a matter of course.