
Author Topic: Trendmicro claims cpg contains a virus???  (Read 2767 times)


niggo

  • Coppermine newbie
  • Posts: 3
Trendmicro claims cpg contains a virus???
« on: July 21, 2005, 01:15:54 pm »

Hi,

I've installed CPG_1.3.3 under "http://juz.rossdorf.de/fotos_cpg/".
When I try to open this page, TrendMicro OfficeScan finds a lot of viruses called "JAVA_BYTEVER.A/B/C".
I just installed cpg without any extensions and I downloaded it from the official SourceForge.net.
Is there a problem with TrendMicro or has a virus succeeded in infecting my webserver?

Could anyone please try to check whether this problem occurs on other AV-software?

Thanks!

Nico
Logged

Nibbler

  • Guest
Re: Trendmicro claims cpg contains a virus???
« Reply #1 on: July 21, 2005, 02:31:01 pm »

You've got some dodgy looking javascript at the top of your page. Unless that is intentional, you should replace all your files with fresh ones from the package.
Logged

niggo

  • Coppermine newbie
  • Posts: 3
Re: Trendmicro claims cpg contains a virus???
« Reply #2 on: July 21, 2005, 05:17:37 pm »

Hi Nibbler,

thanks for your fast reply.

At the moment I'm unable to connect to the ftp (I don't have the account-data @work).

I didn't modify any files of the script (of course except the config.inc.php), so is it possible that anyone has intruded into the webserver?

Can you give me a short extract of what the script looks like?

THX again!
Logged

niggo

  • Coppermine newbie
  • Posts: 3
Re: Trendmicro claims cpg contains a virus???
« Reply #3 on: July 21, 2005, 06:14:51 pm »

I just took a look at Opera's browsercache:
It seems that the server has been penetrated, since I'm sure that I never uploaded these suspect html- and javascript-files.

I'm sure that the inverted commas, in the upper right corner, weren't there when I installed the gallery at the beginning of this week.

As soon as I'm at home (should be about 19h, GMT), I'll have a closer look at what has happened to the files located in the "fotos_cpg"-directory.

Logged
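
Before replacing the files as suggested in Reply #1, the deployed directory can be compared with a freshly unpacked copy of the package to see which files were changed or added. The sketch below is an added example, not part of the original thread or of Coppermine; the function names and the flat sample layout (with config.inc.php at the top level) are assumptions, and the sample files are constructed.

```python
import hashlib
import os
import tempfile

def tree_hashes(root):
    """Map each file path (relative to root) to its SHA-256 digest."""
    hashes = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            with open(full, "rb") as fh:
                hashes[rel] = hashlib.sha256(fh.read()).hexdigest()
    return hashes

def compare_trees(pristine, deployed, expected_changed=("config.inc.php",)):
    """Return sorted (modified, added, missing) relative paths."""
    ref, live = tree_hashes(pristine), tree_hashes(deployed)
    skip = set(expected_changed)  # files the admin edited on purpose
    modified = sorted(p for p in ref.keys() & live.keys()
                      if ref[p] != live[p] and p not in skip)
    added = sorted(live.keys() - ref.keys())      # not shipped in the package
    missing = sorted(ref.keys() - live.keys())    # shipped but gone
    return modified, added, missing

def demo():
    """Compare two small constructed trees (not real Coppermine files)."""
    with tempfile.TemporaryDirectory() as tmp:
        pristine, deployed = os.path.join(tmp, "pkg"), os.path.join(tmp, "site")
        sample = {"index.php": b"<?php /* gallery */ ?>",
                  "config.inc.php": b"<?php /* defaults */ ?>",
                  "scripts.js": b"function noop() {}"}
        for root in (pristine, deployed):
            os.makedirs(root)
            for rel, data in sample.items():
                with open(os.path.join(root, rel), "wb") as fh:
                    fh.write(data)
        # Constructed changes on the deployed side:
        changes = {"index.php": b"<script>/* unexpected */</script>" + sample["index.php"],
                   "config.inc.php": b"<?php /* site settings */ ?>",  # intentional edit
                   "extra.html": b"<html></html>"}                     # never uploaded
        for rel, data in changes.items():
            with open(os.path.join(deployed, rel), "wb") as fh:
                fh.write(data)
        return compare_trees(pristine, deployed)

if __name__ == "__main__":
    print(demo())
```

Files reported as modified or added are worth keeping a copy of before the directory is overwritten, since their contents and timestamps help establish when and how the change happened.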