full-disclosure-uk January 2010 archive
Main Archive Page > Month Archives  > full-disclosure-uk archives
full-disclosure-uk: Re: [Full-disclosure] e107 latest download l

Re: [Full-disclosure] e107 latest download link is backdoored

From: Michael Holstein <michael.holstein_at_nospam>
Date: Mon Jan 25 2010 - 21:36:50 GMT
To: Christian Sciberras <uuf6429@gmail.com>

> Speaking of silent fixes...

Silent? .. it's right on the "news" section of the e107.org front page. To wit :

[http://e107.org]

        **SECURITY UPDATE** 0.7.17 We were recently informed of a very nasty exploit that, as far as we can see, affects almost all e107 0.7 releases. Everyone running e107 needs to get their sites updated as soon as possible. If you are a site owner and you are unable to upgrade for some reason (too much hacked core code), please contact me directly and I can help you with a quick-fix.

Please get the word out to all other e107ers. If you find an e107 site out there, post on their site somewhere about this upgrade.



Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/