1
_ccp_
Xoops 2.0.14 vulnerable
  • 2006/8/23 14:52

  • _ccp_

  • Just popping in

  • Posts: 51

  • Since: 2006/6/21


Hello people, I would like to warn that they have hacked my page, apparently single are modified index and they have not been able to touch you, under name of Hacked By CyberLord FOR ISLAM, somebody knows if it will leave some version or new patch?

2
davidl2
Re: Xoops 2.0.14 vulnerable
  • 2006/8/23 15:11

  • davidl2

  • XOOPS is my life!

  • Posts: 4843

  • Since: 2003/5/26


This does not mean that XOOPS itself has a security issue, however it could mean that your server has.

Have you installed Protector? This will check several common security issues as well.

3
Peekay
Re: Xoops 2.0.14 vulnerable
  • 2006/8/23 15:58

  • Peekay

  • XOOPS is my life!

  • Posts: 2335

  • Since: 2004/11/20


Most worm exploits trawl through the entire server damaging or defacing 'index.php' and 'index.html' files. If you are on a shared server, the vulnerability could be in an application used by anyone on the same machine. Older versions of phpbb bulletin board were a popular gateway for hackers.
A thread is for life. Not just for Christmas.

4
davidl2
Re: Xoops 2.0.14 vulnerable
  • 2006/8/23 16:01

  • davidl2

  • XOOPS is my life!

  • Posts: 4843

  • Since: 2003/5/26


Theres also been issues with MyAds - and two modules based on this.

Which modules does your site use?

5
giba
Re: Xoops 2.0.14 vulnerable
  • 2006/8/23 16:34

  • giba

  • Just can't stay away

  • Posts: 638

  • Since: 2003/4/26


What modules your use in site ?

This is one Example, no is one problem ok:

- News
- cbb
- wfsections
- smartpartner
- MyAds


I agree with david, exist one module vulnerable or your server shared and path external is open.
I have same problem in site xoopsmods

6
_ccp_
Re: Xoops 2.0.14 vulnerable
  • 2006/8/23 18:13

  • _ccp_

  • Just popping in

  • Posts: 51

  • Since: 2006/6/21


no, I see this modules problems some time ago,I use news,newbb,membership,fullistnews,estadisticas,myalbum-p,mydowloads,mydowloads2,xoopfaq,section,rssfit and XOOPS pool..

7
giba
Re: Xoops 2.0.14 vulnerable
  • 2006/8/23 22:10

  • giba

  • Just can't stay away

  • Posts: 638

  • Since: 2003/4/26


Quote:

_ccp_ wrote:
no, I see this modules problems some time ago,I use


news - no problem for-me (if version 1.21 warnig)
newbb - no problem but (version 2.0 warning)
membership - no problem
fullistnews - What?s This module i not look
estadisticas - yew warning.
myalbum-p - No problem
mydowloads - if version hervet, perfect
mydowloads2 - if cloned version hervet ok
xoopfaq - no problem
section - no problem
rssfit - here i not see
xoopspool - if version 1.2 by Giba no problem,

Please, exist related warning for this modules in bold. But dependence for your version you use.

Login

Who's Online

251 user(s) are online (179 user(s) are browsing Support Forums)


Members: 0


Guests: 251


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Mar 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits