Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: Virus warning from hosting, coppermine file quarantined  (Read 3717 times)

0 Members and 1 Guest are viewing this topic.

Delia_35

  • Coppermine newbie
  • Offline Offline
  • Posts: 7
Virus warning from hosting, coppermine file quarantined
« on: November 26, 2015, 03:01:24 am »

I just moved my website to a new host and during the move they said they found a malicious file (/include/inc.php) in coppermine and quarantined it. Has anyone else had this problem? Any idea how I can fix it?
Logged

Delia_35

  • Coppermine newbie
  • Offline Offline
  • Posts: 7
Re: Virus warning from hosting, coppermine file quarantined
« Reply #1 on: November 26, 2015, 03:02:41 am »

I can't figure out how to edit posts, but I forgot to say that I'm currently running the newest release (just upgraded a few days ago).
Logged

phill104

  • Administrator
  • Coppermine addict
  • *****
  • Country: gb
  • Offline Offline
  • Gender: Male
  • Posts: 4885
    • Windsurf.me
Re: Virus warning from hosting, coppermine file quarantined
« Reply #2 on: November 26, 2015, 12:20:43 pm »

Can we have a link to your install. Does it all work OK? Are you sure that is the complete filename as that is not a normal filename from the package.
Logged
It is a mistake to think you can solve any major problems just with potatoes.

Delia_35

  • Coppermine newbie
  • Offline Offline
  • Posts: 7
Re: Virus warning from hosting, coppermine file quarantined
« Reply #3 on: November 27, 2015, 02:15:43 am »

Here's my install:
http://www.scarlettsweb.net/photogallery

Seems to be working ok. That was the file name in the email I got. Here's the full thing:
  'ClamAV detected virus = [{HEX}php.cmdshell.Macker.297.UNOFFICIAL]':    /home/heatrvyf/public_html/scarlettsweb.net/backup-11.24.2015_02-21-04_scarlett/homedir/public_html/photogallery/include/inc.php

Logged

Αndré

  • Administrator
  • Coppermine addict
  • *****
  • Country: de
  • Offline Offline
  • Gender: Male
  • Posts: 15764
Re: Virus warning from hosting, coppermine file quarantined
« Reply #4 on: November 27, 2015, 09:18:54 am »

photogallery/include/inc.php

That's no Coppermine file, so it's fine that they removed it.
Logged

Delia_35

  • Coppermine newbie
  • Offline Offline
  • Posts: 7
Re: Virus warning from hosting, coppermine file quarantined
« Reply #5 on: November 27, 2015, 03:56:30 pm »

Ok, thank you! Very strange my old host didn't detect it. But I guess I should be grateful that my new one did.
Logged

gmc

  • Dev Team member
  • Coppermine addict
  • ****
  • Country: us
  • Offline Offline
  • Gender: Male
  • Posts: 785
    • GMC Design Photo Gallery
Re: Virus warning from hosting, coppermine file quarantined
« Reply #6 on: November 27, 2015, 10:01:29 pm »

Delia,
Please check your site for other occurrences of that file and remove...

The message seems to indicate they found it in a 'backup' directory:
 'ClamAV detected virus = [{HEX}php.cmdshell.Macker.297.UNOFFICIAL]':    /home/heatrvyf/public_html/scarlettsweb.net/backup-11.24.2015_02-21-04_scarlett/homedir/public_html/photogallery/include/inc.php

You want to be sure it doesn't also exist in the 'live' directories..
You indicated a recent upgrade to CPG - be sure any other software you use is updated as well - to insure you have no known security exposures.
Logged
Thanks!
Greg
My Coppermine Gallery
Need a web hosting account? See my gallery for an offer for CPG Forum users.
Send me money
Pages: [1]   Go Up
 

Page created in 0.024 seconds with 20 queries.