forum.coppermine-gallery.net
Support => cpg1.4.x Support => Older/other versions => cpg1.4 miscellaneous => Topic started by: Tonk on October 22, 2009, 12:55:33 pm
-
Hallo guys,
I'm running a small Coppermine powered page only for me and a few friends. Today a strange user called "sisjz" registered to my page. Cause this name doesn't belong to any of my friends, I became suspicious and looked up the name in google. I found out, that there are other Coppermine pages, with this username and he ALWAYS registered today. So I think there is a bot running, "attacking" Coppermine systems. I just updated my Coopermine to the latest version, but wenn the bot registered, I was running 1.4.21.
Is there anything to worry about? Could he have done damage to my system?
Thanks for answers
Kind regards Tonk
-
If the user is unknown to you then i suggest delete him. Also scan your folder structure for any unknown files which that user might have uploaded and delete them.
No known security issues for the current stable release.
-
To make this clear: there are known security issues for all versions prior to the actual stable release. That's why maintenance releases get released: they fix bugs and vulnerabilities. As you haven't been running the most recent stable release when that user registered, there's no saying if you have been attacked or if the user was just probing in an attempt to comment-spam pages. If you're not sure (and a bit paranoid), do as suggested in the thread "Yikes, I've been hacked! Now what? (http://forum.coppermine-gallery.net/index.php/topic,51927.0.html)".
I haven't seen so many hits in Google for the terms sisjz and coppermine: http://www.google.com/search?q=sisjz+coppermine returns 30 hits for me. That could have been a manual registration as well: labor is cheap in many countries...