Forums / Developer / ez 3.1.4 is hacked.

ez 3.1.4 is hacked.

Previous topic

Developer

Next topic

Author	Message
Softriva .com	Friday 12 March 2010 2:57:42 am Hello, can some help me! --- what is this? Please see link bellow http://www.softriva.com/khdmatna
Steven E. Bailey	Friday 12 March 2010 4:23:26 am I hope you mean 4.1.4 - otherwise, I'd say I'd be very surprised if some software from 7 years ago didn't get hacked. It looks like someone might have overwritten a line view or block view of whatever object that is on the front page - or perhaps the pagelayout.tpl - and added their own link - that's my first guess. Otherwise, it could have been injected into the database - which should be visible if you try to edit the object. It's also - if it's 4.1.4 - unlikely that eZPublish was hacked, rather some other part of your setup was compromised. I saw some exploit about the windows version of apache last weekend if I recall correctly - here it is: http://www.senseofsecurity.com.au/advisories/SOS-10-002 Certified eZPublish developer http://ez.no/certification/verify/396111 Available for ezpublish troubleshooting, hosting and custom extension development: http://www.leidentech.com

Author

Message

Softriva .com

Friday 12 March 2010 2:57:42 am

Hello,

can some help me! --- what is this? Please see link bellow

http://www.softriva.com/khdmatna

Steven E. Bailey

Friday 12 March 2010 4:23:26 am

I hope you mean 4.1.4 - otherwise, I'd say I'd be very surprised if some software from 7 years ago didn't get hacked.

It looks like someone might have overwritten a line view or block view of whatever object that is on the front page - or perhaps the pagelayout.tpl - and added their own link - that's my first guess. Otherwise, it could have been injected into the database - which should be visible if you try to edit the object.

It's also - if it's 4.1.4 - unlikely that eZPublish was hacked, rather some other part of your setup was compromised. I saw some exploit about the windows version of apache last weekend if I recall correctly - here it is: http://www.senseofsecurity.com.au/advisories/SOS-10-002

Certified eZPublish developer
http://ez.no/certification/verify/396111

Available for ezpublish troubleshooting, hosting and custom extension development: http://www.leidentech.com