Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: *.php.rar = big problem  (Read 4614 times)

0 Members and 1 Guest are viewing this topic.

mopieo

  • Coppermine newbie
  • Offline Offline
  • Posts: 1
*.php.rar = big problem
« on: August 01, 2006, 08:09:06 pm »

This might not be obvious to everybody: the maintenance release and hotfix will not cure infected webspace (i.e. pages that have fallen victim to the xxx.php.rar exploit). It will only keep sites that haven't been hit by the attack so far from being vulnerable.
Copying this quote from a different board here.  Is there a way to fix sites that HAVE been hit by the attack?  Or am I doomed?  This file was uploaded to my gallery while I was away on vacation - I thought I had permissions changed so that no one could upload except me... obviously I was wrong.  Now I am unable to upload any new images, although otherwise the gallery seems to be functioning normally.

I am a major newbie when it comes to any type of coding, so explanations should be kept to plain English as much as possible.  I am pretty good at following directions, though.   ;)
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47844
  • aka "GauGau"
    • gaugau.de
Re: *.php.rar = big problem
« Reply #1 on: August 01, 2006, 10:41:06 pm »

Plain English suggestions:
1) Upgrade your gallery to the most recent stable version of coppermine (currently cpg1.4.8). The file wouldn't have been uploaded if you were running the most recent version. When quoting a thread that says you have to upgrade, you should do so.
2) Scan your server webspace for any suspicious files. There mustn't be any files matching the pattern xxx.php or xxx.php.rar inside the albums folder (there might be some index files that you can savely delete). Scan all other coppermine folders: there mustn't be any files that don't come with the coppermine package, except include/config.inc.php, include/install.lock and possibly some log files inside the log folder.
3) Ask your webhost for support.
Logged
Pages: [1]   Go Up
 

Page created in 0.016 seconds with 19 queries.