Strange user "sisjz" registered to many coppermine systems today. Worry ? Strange user "sisjz" registered to many coppermine systems today. Worry ?
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Strange user "sisjz" registered to many coppermine systems today. Worry ?

Started by Tonk, October 22, 2009, 12:55:33 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Tonk

Hallo guys,
I'm running a small Coppermine powered page only for me and a few friends. Today a strange user called "sisjz" registered to my page. Cause this name doesn't belong to any of my friends, I became suspicious and looked up the name in google. I found out, that there are other Coppermine pages, with this username and he ALWAYS registered today. So I think there is a bot running, "attacking" Coppermine systems. I just updated my Coopermine to the latest version, but wenn the bot registered, I was running 1.4.21.

Is there anything to worry about? Could he have done damage to my system?

Thanks for answers
Kind regards Tonk

Abbas Ali

If the user is unknown to you then i suggest delete him. Also scan your folder structure for any unknown files which that user might have uploaded and delete them.

No known security issues for the current stable release.
Chief Geek at Ranium Systems

Joachim Müller

To make this clear: there are known security issues for all versions prior to the actual stable release. That's why maintenance releases get released: they fix bugs and vulnerabilities. As you haven't been running the most recent stable release when that user registered, there's no saying if you have been attacked or if the user was just probing in an attempt to comment-spam pages. If you're not sure (and a bit paranoid), do as suggested in the thread "Yikes, I've been hacked! Now what?".
I haven't seen so many hits in Google for the terms sisjz and coppermine: http://www.google.com/search?q=sisjz+coppermine returns 30 hits for me. That could have been a manual registration as well: labor is cheap in many countries...