On Fri, 2005-02-25 at 11:39, Mike Noyes wrote: > Everyone, > Our website was cracked using the phpWebSite announce module. A file > named nst.gif.php was uploaded to images/announce. I've removed the file > and locked down that directory. Also, I changed our database password > and hub_hash. I'm in the process of diffing the last mysqldump. > > I'll keep everyone apprised of my progress.
OK. I think our website is operational again. Please let me know if you see any problems. > phpWebSite-0.10.0_exploit > http://www.securityfocus.com/archive/1/391496/2005-02-21/2005-02-27/0 -- Mike Noyes <mhnoyes at users.sourceforge.net> http://sourceforge.net/users/mhnoyes/ SF.net Projects: ffl, leaf, phpwebsite, phpwebsite-comm, sitedocs ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ leaf-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/leaf-devel
