Advanced search  

News:

cpg1.5.46 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter recently discovered vulnerabilities. It is important that all users who run version cpg1.5.44 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: My Coppermine Site Sent out Spamming Email. How?  (Read 5057 times)

0 Members and 1 Guest are viewing this topic.

puretalk

  • Coppermine newbie
  • Offline Offline
  • Posts: 9
My Coppermine Site Sent out Spamming Email. How?
« on: May 13, 2006, 06:12:38 am »

The followings are the message from my host, can someone help. I need to know which file should I change in order this to happen again.

"There are files on your site that are allowing the spam to be sent. Just this morning the server was trying to send over 2500 emails, this caused the server to become overloaded and none of the sites on our server were working. We have been able to find the files that are spamming from within the file manager.
 
One of the files that was sending spam is located at: / public_html / albums / userpics / 10008 / Allah.php"

Thanks
« Last Edit: May 13, 2006, 02:54:35 pm by GauGau »
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47844
  • aka "GauGau"
    • gaugau.de
Re: My Coppermine Site Sent out Spamming Email. How?
« Reply #1 on: May 13, 2006, 07:26:00 am »

Allah.php is not part of the coppermine package, but a file that just resides within a sub-folder of your coppermine install. It has probably been uploaded by a malicious user as a subsequent hacking attempt (they try to disguise their trojan horses by putting them into sub-folders that look innocently). Delete the file in question (after having made a backup of it for forensic reasons) and scan your whole webserver for similar backdoors. Make sure to have the most recent coppermine version (as you have started your thread on the outdated cpg1.3.x board, you probably are not up-to-date). Make sure that you have not fallen vistim to the rar vulnerability (a webserver vulnerabilty, not a coppermine one, so you should ask your webhost) that has been discussed frequently on this board.
To summarize: this is probably not a coppermine issue. Ask your webhost for support. Search the board to find out what similar issues others had and what they did to solve it.
Logged

puretalk

  • Coppermine newbie
  • Offline Offline
  • Posts: 9
Re: My Coppermine Site Sent out Spamming Email. How?
« Reply #2 on: May 13, 2006, 02:42:50 pm »

Dear GauGau

Thanks, will ask my host to help



Logged
Pages: [1]   Go Up
 

Page created in 0.013 seconds with 20 queries.