coppermine-gallery.com/forum

Support => cpg1.4.x Support => Older/other versions => cpg1.4 miscellaneous => Topic started by: monstar on May 19, 2006, 01:58:19 PM

Title: Bug?! (help)
Post by: monstar on May 19, 2006, 01:58:19 PM
I've got a notification from my web server saying that a vulnerability in the coppermine script had been used to send massive emails, which is why they temporarily took down my site.
The affected file is: coppermine/include/.htaccess/sendlist2.php

I'm a bit worried... Any ideas on what I should do??

By the way, how do I edit/remove files on an .htaccess folder?

Thanks :)
Title: Re: Bug?! (help)
Post by: Abbas Ali on May 19, 2006, 02:20:04 PM
Remove the folder include/.htaccess along with its contents (take a backup of .htaccess folder on your local disk first) and upgrade to the latest stable version of cpg.
Title: Re: Bug?! (help)
Post by: Joachim Müller on May 19, 2006, 04:29:30 PM
Probably related to Coppermine-driven galleries hit by RAR exploit (http://forum.coppermine-gallery.net/index.php?topic=31534.0)
Title: Re: Bug?! (help)
Post by: monstar on May 19, 2006, 07:38:18 PM
How are .htaccess folders created? Is this folder supposed to be there?

I'm finding a lot of suspicious files (4 of which I can't even open/copy: x.php, fromemail.txt, fromname.txt, subject.txt), but I can't delete either the htaccess folder or the include folder: permission denied because the htaccess folder is inside.

I couldn't find any rar files... there's a zip file that I can't open either but it's not php.zip...  ??? Oh wait, I *can* open and it does in fact contain all the files that have been copied into the .htaccess folder. Still, no way to delete it...

As far as coppermine is concerned, how can I prevent users from uploading *anything* into my space? (not even their own galleries)
Title: Re: Bug?! (help)
Post by: Joachim Müller on May 19, 2006, 08:24:07 PM
Quote from: monstar on May 19, 2006, 07:38:18 PM
I'm finding a lot of suspicious files (4 of which I can't even open/copy: x.php, fromemail.txt, fromname.txt, subject.txt), but I can't delete either the htaccess folder or the include folder: permission denied because the htaccess folder is inside.
Ask your webhost for support.

Quote from: monstar on May 19, 2006, 07:38:18 PM
As far as coppermine is concerned, how can I prevent users from uploading *anything* into my space? (not even their own galleries)
In the groups page set upload permissions to "no" both for public as well as for personal albums for all groups but the admin group.
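As an added example (not code from this thread or from the Coppermine project), the following scan checks a gallery tree for the two things reported above: a *directory* named .htaccess (Apache expects .htaccess to be a file, so a directory of that name under include/ is a red flag) and the dropped file names the poster listed. The demo tree it builds and the indicator list are constructed from the posts, not an official indicator set.

```python
import os
import tempfile
from pathlib import Path

# File names quoted in the posts above (constructed list, not an official indicator set).
SUSPECT_NAMES = {"sendlist2.php", "x.php", "fromemail.txt", "fromname.txt", "subject.txt"}

def scan_gallery(root):
    """Walk a gallery tree and return sorted (kind, relative_path) findings.

    kinds: htaccess_dir        - a directory whose name starts with .ht (Apache expects a file)
           suspect_file        - one of the file names reported in this thread
           php_in_htaccess_dir - any other PHP file stored below such a directory
    """
    root = Path(root)
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        rel_dir = Path(dirpath).relative_to(root)
        for d in dirnames:
            if d.startswith(".ht"):
                findings.append(("htaccess_dir", str(rel_dir / d)))
        # True when any ancestor directory of these files is itself a .ht* directory
        hidden_parent = any(p.startswith(".ht") for p in rel_dir.parts)
        for f in filenames:
            rel = str(rel_dir / f)
            if f in SUSPECT_NAMES:
                findings.append(("suspect_file", rel))
            elif hidden_parent and f.lower().endswith(".php"):
                findings.append(("php_in_htaccess_dir", rel))
    return sorted(findings)

def build_demo_tree():
    """Create a constructed sample layout in a temp dir: a normal include/ plus the dropped files."""
    base = Path(tempfile.mkdtemp(prefix="cpg_demo_"))
    (base / "include").mkdir()
    (base / "include" / "init.inc.php").write_text("<?php // legitimate core file\n")
    (base / "include" / ".htaccess").mkdir()
    for name in ("sendlist2.php", "x.php", "fromemail.txt", "mailer.php"):
        (base / "include" / ".htaccess" / name).write_text("dropped\n")
    return base

if __name__ == "__main__":
    # Legitimate include/init.inc.php is not reported; everything under include/.htaccess/ is.
    for kind, path in scan_gallery(build_demo_tree()):
        print(f"{kind:22} {path}")
```

Run it against the real gallery root instead of the demo tree; anything it reports under include/ should be backed up for the host's investigation and then removed, as advised above.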