
Topic: ly.php.rar & smekerie.php.rar uploaded to multiple coppermine based sites.


mike5751


Hello

I run Coppermine photo software on my site, and a few days ago two people from a European country uploaded files called "ly.php.rar" and "smekerie.php.rar". They each joined as a new member and uploaded the file within 2 minutes of each other. Upon doing a Google search for the uploaded files, it turns out this file has been uploaded to numerous Coppermine-based photo galleries. The file title is random keystrokes and the user name is some made-up one. Anyone have any ideas? I am hesitant to open the file as it may be a virus or nasty code. Any idea what's going on? It's not just my site; it's hundreds of sites that have this same file uploaded in the same fashion. I think something's going on here.

Thanks
« Last Edit: September 01, 2006, 11:00:07 PM by mike5751 »

Xerom

Re: ly.php.rar & smekerie.php.rar uploaded to multiple coppermine based sites.
« Reply #2 on: November 06, 2009, 05:59:41 AM »

This has been fixed by Coppermine; however, if you want to know how to deny execution of scripts in any folder, you can create a .htaccess file, place it into the folder, and then add the following to it:

RemoveHandler cgi-script .pl .py .jsp .asp .htm .shtml .sh .cgi .php
RemoveHandler php5-script .php

Instead of executing the script, it just displays the script code as text in the browser.

As a precaution I placed this in /albums/userpics/.htaccess and /albums/edit/.htaccess; it seems to have solved my problem and given me peace of mind.
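Added example, not part of the original posts and not Coppermine's own code: a Python audit that finds uploads whose names carry a script extension anywhere in the name (as in ly.php.rar) and reports whether a .htaccess with RemoveHandler lines, like the one in the reply above, covers that folder. The function names and the sample tree are constructed for illustration.

```python
import os
import tempfile
# Extensions taken from the RemoveHandler lines in the reply above.
SCRIPT_EXTS = {".pl", ".py", ".jsp", ".asp", ".htm", ".shtml", ".sh", ".cgi", ".php"}

def script_parts(filename):
    """Script extensions found anywhere in the name: ly.php.rar -> ['.php']."""
    parts = filename.lower().split(".")[1:]  # every component after the base name
    return [f".{p}" for p in parts if f".{p}" in SCRIPT_EXTS]

def removed_exts(htaccess_path):
    """Extensions listed on RemoveHandler lines of one .htaccess file."""
    found = set()
    with open(htaccess_path, errors="replace") as fh:
        for line in fh:
            tokens = line.lower().split()
            if tokens and tokens[0] == "removehandler":
                found.update(t for t in tokens[1:] if t.startswith("."))
    return found

def audit(root):
    """Return sorted (relative path, script extensions, covered by .htaccess)."""
    covered, report = {}, []
    for dirpath, _dirs, files in os.walk(os.path.normpath(root)):  # parents first
        here = set(covered.get(os.path.dirname(dirpath), ()))  # inherited from parent
        if ".htaccess" in files:
            here |= removed_exts(os.path.join(dirpath, ".htaccess"))
        covered[dirpath] = here
        for name in files:
            hits = script_parts(name)
            if hits:
                rel = os.path.relpath(os.path.join(dirpath, name), root)
                report.append((rel, hits, set(hits) <= here))
    return sorted(report)

def build_sample(root):
    """Constructed sample tree; only albums/userpics gets the .htaccess."""
    tree = {"albums/userpics": ["ly.php.rar", "photo.jpg"], "albums/edit": ["smekerie.php.rar"]}
    for sub, names in tree.items():
        os.makedirs(os.path.join(root, sub))
        for n in names:
            open(os.path.join(root, sub, n), "w").close()
    with open(os.path.join(root, "albums/userpics/.htaccess"), "w") as fh:
        fh.write("RemoveHandler cgi-script .pl .py .jsp .asp .htm .shtml .sh .cgi .php\n"
                 "RemoveHandler php5-script .php\n")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        for rel, hits, ok in audit(tmp):
            print(f"{rel}: {hits} {'covered' if ok else 'NOT covered'}")
```

A "covered" result only means the directive is present in the folder or a parent. Whether it takes effect depends on the server honouring .htaccess overrides and on how PHP is mapped, so confirm with a harmless test file.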