Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: Security???  (Read 4171 times)

0 Members and 1 Guest are viewing this topic.

GP

  • Coppermine newbie
  • Offline Offline
  • Posts: 12
Security???
« on: March 03, 2005, 01:29:30 am »

I installed my gallery about a week ago and everyone loves it!  ;D   However, on the night of the 28th, my host
took my site down.  They claim that someone was trying to gain unauthorized access to the server - through my
site.  They suggested that I look at the gallery files since that's the most recent changes that I've made.  Are they
full of crap and just trying to come up with an excuse or are any of you aware of vulnerabilities that I can fix? 

Logged

Tranz

  • Dev Team member
  • Coppermine addict
  • ****
  • Country: 00
  • Offline Offline
  • Gender: Female
  • Posts: 6149
Re: Security???
« Reply #1 on: March 03, 2005, 01:31:05 am »

Which version were you using?
Logged

GP

  • Coppermine newbie
  • Offline Offline
  • Posts: 12
Re: Security???
« Reply #2 on: March 03, 2005, 01:32:22 am »

1.3.2
Logged

Tranz

  • Dev Team member
  • Coppermine addict
  • ****
  • Country: 00
  • Offline Offline
  • Gender: Female
  • Posts: 6149
Re: Security???
« Reply #3 on: March 03, 2005, 01:34:06 am »

There are no known security issues with standalone 1.3.2. Do you know which version of php your host is using? If not, put the following into a file and access it in a browser:
Code: [Select]
<?php
phpinfo
();
?>
Logged

GP

  • Coppermine newbie
  • Offline Offline
  • Posts: 12
Re: Security???
« Reply #4 on: March 03, 2005, 01:35:25 am »

php version 4.3.10.    I have the gallery integrated with SMF.
Logged

kegobeer

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 4637
  • Beer - it does a body good!
    • The Kazebeer Family Website
Re: Security???
« Reply #5 on: March 03, 2005, 01:59:54 am »

Look in your server logs.  You may find evidence of script kiddie attempts: entries like /modules/coppermine/include/init.inc.php and crap like that, all with 404 errors.

SMF also has no known security vulnerabilities.
Logged
Do not send me a private message unless I ask for one.  Make your post public so everyone can benefit.

There are no stupid questions
But there are a LOT of inquisitive idiots
Pages: [1]   Go Up
 

Page created in 0.017 seconds with 20 queries.