I may have been cracked. yippee!
eric c
eric-yrHdaQSNc4gdnm+yROfE0A at public.gmane.org
Wed Jun 20 00:00:54 EDT 2007
i've just looked over the xoops specific files and there's lots of
failed email attempts, lot's of failed upload errors, automated attacks
on modules i didn't even have installed and attacks on modules i do have
installed.
also found this:
XOOPS Multiple Module Spaw_Control.Class.PHP Remote File Include
Vulnerability
from: http://www.securityfocus.com/bid/24302/info
they already know about it at xoops.org but i would wager there's
hundreds of vulnerable websites out there. easy pickings.
i've finally got off my butt and deleted that cms from my server.
this brings me to my next question, are there any php / perl based cms's
out there that have some type of automatic update or security alert
feature? how about one that also includes updates for modules? now
that even grandma can install a cms it would seem such a feature would
be very beneficial.
eric c. slightly tampered with but not really cracked. (yet)
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the Discuss
mailing list