1
Aianda
vulnerability discovered after site hack
  • 2006/12/10 16:35

  • Aianda

  • Just popping in

  • Posts: 71

  • Since: 2004/2/12


Hi, my site LaunchpadIsrael.com was recently hacked and the index.php file was replaced. This is what the system admin had to say:

I found a file in your w2/images/ folder called tmp1.php. This file appears to have uploaded via the vulnerability mentioned below. I could not verify if this version had a backport security fix for the issue, but the XML-RPC issue is actually quite common amongst CMSs before a certain date.

Also, you may want to check the galleries and make sure that only authorized users can upload files. A trick that is commonly used it to upload a file which is actually a php script, but with a GIF headers or as a RAR file. The server will still execute the file is the extension does not match.

--
http://secunia.com/advisories/16339/

"Some vulnerabilities have been reported in XOOPS, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

The vulnerabilities are caused due to vulnerable versions of PHPMailer and XML-RPC being used."

---

Is xoopsgallery known to be vulnerable, to malicious uploads?

https://xoops.org/modules/repository/singlefile.php?cid=36&lid=1272

Although, my site has users, it is a browse only.

any tips or feedback?

2
JCDunnart
Re: vulnerability discovered after site hack
  • 2006/12/10 16:49

  • JCDunnart

  • Not too shy to talk

  • Posts: 114

  • Since: 2006/7/1 5


Use the latest XOOPS releases - this old vulnerability was fixed last year, as it also states in the secunia report.

3
Aianda
Re: vulnerability discovered after site hack
  • 2006/12/10 16:51

  • Aianda

  • Just popping in

  • Posts: 71

  • Since: 2004/2/12


i am using 2.0.13.2 because it's meant to be more secure, are you saying it's not?

4
JCDunnart
Re: vulnerability discovered after site hack
  • 2006/12/10 17:00

  • JCDunnart

  • Not too shy to talk

  • Posts: 114

  • Since: 2006/7/1 5


The latest release of 2.0 is 2.0.16. That will contain the latest security fixes, as well as a number of bug fixes and some nice new features too.

How did you think an earlier release was more secure? From a local support site, from the forums here...? < confused me >

5
Aianda
Re: vulnerability discovered after site hack
  • 2006/12/10 17:10

  • Aianda

  • Just popping in

  • Posts: 71

  • Since: 2004/2/12


Can't remember. Must have read it here. Just remember making the choice based on security :( ??

thanks anyway JCDunnart.

Login

Who's Online

281 user(s) are online (186 user(s) are browsing Support Forums)


Members: 0


Guests: 281


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits