Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: Strange user "sisjz" registered to many coppermine systems today. Worry ?  (Read 2897 times)

0 Members and 1 Guest are viewing this topic.

Tonk

  • Coppermine newbie
  • Offline Offline
  • Posts: 1

Hallo guys,
I'm running a small Coppermine powered page only for me and a few friends. Today a strange user called "sisjz" registered to my page. Cause this name doesn't belong to any of my friends, I became suspicious and looked up the name in google. I found out, that there are other Coppermine pages, with this username and he ALWAYS registered today. So I think there is a bot running, "attacking" Coppermine systems. I just updated my Coopermine to the latest version, but wenn the bot registered, I was running 1.4.21.

Is there anything to worry about? Could he have done damage to my system?

Thanks for answers
Kind regards Tonk
Logged

Abbas Ali

  • Administrator
  • Coppermine addict
  • *****
  • Country: in
  • Offline Offline
  • Gender: Male
  • Posts: 2165
  • Spread the PHP Web
    • Ranium Systems

If the user is unknown to you then i suggest delete him. Also scan your folder structure for any unknown files which that user might have uploaded and delete them.

No known security issues for the current stable release.
Logged
Chief Geek at Ranium Systems

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de

To make this clear: there are known security issues for all versions prior to the actual stable release. That's why maintenance releases get released: they fix bugs and vulnerabilities. As you haven't been running the most recent stable release when that user registered, there's no saying if you have been attacked or if the user was just probing in an attempt to comment-spam pages. If you're not sure (and a bit paranoid), do as suggested in the thread "Yikes, I've been hacked! Now what?".
I haven't seen so many hits in Google for the terms sisjz and coppermine: http://www.google.com/search?q=sisjz+coppermine returns 30 hits for me. That could have been a manual registration as well: labor is cheap in many countries...
Logged
Pages: [1]   Go Up
 

Page created in 0.023 seconds with 20 queries.