Advanced search  

News:

CPG Release 1.6.26
Correct PHP8.2 issues with user and language managers.
Additional fixes for PHP 8.2
Correct PHP8 error with SMF 2.0 bridge.
Correct IPTC supplimental category parsing.
Download and info HERE

Pages: [1]   Go Down

Author Topic: sanyo_php.rar - Coppermine Exploit ??????  (Read 4888 times)

0 Members and 1 Guest are viewing this topic.

derperle

  • Coppermine newbie
  • Offline Offline
  • Gender: Male
  • Posts: 13
sanyo_php.rar - Coppermine Exploit ??????
« on: October 29, 2006, 06:08:22 pm »

Some one with the name Jolicoeur has uploaded a File with the name sanyo_php.rar

Here is a link to the File: http://erwischt.er.funpic.de/cpg132/blabla.txt
Can Someone tell me what this file do and if my gallery is hacked ????
Please!!!!!!!!!!!!!!!!!!!!!1
« Last Edit: October 30, 2006, 08:15:45 am by GauGau »
Logged

Nibbler

  • Guest
Re: sanyo_php.rar - Coppermine Exploit ??????
« Reply #1 on: October 29, 2006, 06:52:02 pm »

Your gallery appears to be gone. I expect you were running an outdated version of Coppermine.
Logged

derperle

  • Coppermine newbie
  • Offline Offline
  • Gender: Male
  • Posts: 13
Re: sanyo_php.rar - Coppermine Exploit ??????
« Reply #2 on: October 29, 2006, 10:51:45 pm »

I've the Last Coppermine Version.
1.4.9
I've delete the File. What else can do. The File are in the EDIT folder and i dont give the permission to add the File in my Gallery.
Now i forbid tho upload of rar files
But is there any danger for my gallery???
Logged

Tranz

  • Dev Team member
  • Coppermine addict
  • ****
  • Country: 00
  • Offline Offline
  • Gender: Female
  • Posts: 6149
Re: sanyo_php.rar - Coppermine Exploit ??????
« Reply #3 on: October 30, 2006, 01:29:24 am »

It looks like your gallery is gone, though, isn't it?
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de
Logged

derperle

  • Coppermine newbie
  • Offline Offline
  • Gender: Male
  • Posts: 13
Re: sanyo_php.rar - Coppermine Exploit ??????
« Reply #5 on: October 30, 2006, 07:56:30 am »

No.
My gallery is still running. But thanks for the Copppermine Security Update.
But if you check google with the keyword sanyo_php you see some gallerys wich are infected
http://www.google.de/search?q=sanyo_php&start=0&ie=utf-8&oe=utf-8&meta=lr%3Dlang_de&client=firefox-a&rls=org.mozilla:de:official

Here is my gallery: http://erwischtorg.h759617.serverkompetenz.net/cpg132/index.php

It seems like everything is OK....
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de
Re: sanyo_php.rar - Coppermine Exploit ??????
« Reply #6 on: October 30, 2006, 08:15:33 am »

We're aware of this, but how should we cure those sites? Hopefully, the people who run those sites will return to coppermine's homepage and apply the fix and review security on their site.
As with nearly all similar vulnerabilities, we're not too keen to discuss details about the exploits publicly, as it would give script kiddies an idea what to do to launch attacks against unpatched galleries.

Marking thread as "solved"
Logged
Pages: [1]   Go Up
 

Page created in 0.027 seconds with 21 queries.