Author Topic: Someone tried to hack my server by uploading php.rar file  (Read 6057 times)

marion

  • Coppermine newbie
  • Offline Offline
  • Posts: 1
Someone tried to hack my server by uploading php.rar file
« on: March 12, 2006, 04:01:58 pm »

Hi,

I have cpg1.4.4 and someone could upload a script file with the extension name php.rar; using this file he could get all necessary information from my server, including the /etc/passwd file. How can we prevent users from uploading such a file with the extension (RAR), and why is disabling users from uploading files not active?

This is the script file that was uploaded to my server:

http://rst.void.ru/download/r57shell.txt
« Last Edit: November 20, 2007, 08:16:09 am by GauGau »
Logged

Nibbler

  • Guest
Re: Someone tried to hack my server by uploading php.rar file
« Reply #1 on: March 12, 2006, 09:26:28 pm »

If you don't need .rar files uploaded then disallow them in config or with the filetypes plugin. If you do need to allow them then you need to ensure your server is set up to handle them.

http://forum.coppermine-gallery.net/index.php?topic=28079.msg129981#msg129981
Logged

DoctorMason

  • Coppermine newbie
  • Offline Offline
  • Posts: 1
Re: Someone tried to hack my server by uploading php.rar file
« Reply #2 on: November 19, 2007, 10:22:58 pm »

Quote from: Nibbler

If you don't need .rar files uploaded then disallow them in config or with the filetypes plugin. If you do need to allow them then you need to ensure your server is set up to handle them.

http://forum.coppermine-gallery.net/index.php?topic=28079.msg129981#msg129981

I got a notice today, 19-Nov-07, from my hosting company of the same "http://nst.void.ru/" happening to my site. I (hopefully) found all of their files, deleted them, posted the warning here, and will ask my host to re-open my subdirectory.

P.S. When visiting that website you can see the hack there, and others available.
Logged

Nibbler

  • Guest
Re: Someone tried to hack my server by uploading php.rar file
« Reply #3 on: November 19, 2007, 10:43:49 pm »

You must keep your gallery up to date.
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de
Re: Someone tried to hack my server by uploading php.rar file
« Reply #4 on: November 20, 2007, 08:15:58 am »

Locking.
Logged
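
An added example, not part of the thread and not Coppermine code: a Python audit of an upload directory for the case discussed above, flagging files whose name carries a script extension in any position (some web server configurations pick a handler from an inner extension such as the `php` in `x.php.rar`) and files named `.rar` that do not start with the RAR signature. The extension list, function names and sample files are assumptions constructed for illustration.

```python
import os
import tempfile

# Assumed list: match it to the handlers your own web server has configured.
SCRIPT_EXTS = {"php", "php3", "php4", "php5", "phtml", "pl", "py", "cgi", "asp", "jsp"}
RAR_MAGIC = b"Rar!\x1a\x07"  # prefix shared by RAR 4.x and RAR 5.x archives

def script_segments(filename):
    """Return every script extension in the name, not only the last one."""
    parts = os.path.basename(filename).lower().split(".")[1:]
    return [p for p in parts if p in SCRIPT_EXTS]

def audit_file(path):
    """Return the reasons (possibly none) an uploaded file looks suspicious."""
    reasons = []
    hits = script_segments(path)
    if hits:
        reasons.append("script extension in name: " + ",".join(hits))
    with open(path, "rb") as fh:
        head = fh.read(4096)
    if path.lower().endswith(".rar") and not head.startswith(RAR_MAGIC):
        reasons.append("named .rar but missing RAR signature")
    if b"<?php" in head.lower():
        reasons.append("contains PHP open tag")
    return reasons

def audit_tree(root):
    """Walk an upload directory; map relative path -> reasons for flagged files."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if reasons := audit_file(full):
                findings[os.path.relpath(full, root)] = reasons
    return findings

def demo():
    """Audit constructed sample files standing in for an upload directory."""
    samples = {
        "holiday.jpg": b"\xff\xd8\xff\xe0" + b"\x00" * 16,
        "backup.rar": RAR_MAGIC + b"\x00" * 16,
        "php.rar": b"<?php /* constructed placeholder */ ?>",
        "gallery.php.rar": RAR_MAGIC + b"\x00" * 16,
    }
    with tempfile.TemporaryDirectory() as root:
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        return audit_tree(root)
```

Run `audit_tree()` against the gallery's upload directory after a cleanup to check for leftovers; a flagged file still needs manual review before deletion.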