full-disclosure-uk January 2010 archive
Main Archive Page > Month Archives  > full-disclosure-uk archives
full-disclosure-uk: Re: [Full-disclosure] e107 latest download l

Re: [Full-disclosure] e107 latest download link is backdoored

From: Christian Sciberras <uuf6429_at_nospam>
Date: Mon Jan 25 2010 - 22:43:35 GMT
To: Michael Holstein <michael.holstein@csuohio.edu>

Don't know the date at your place, but it's 25th Jan here, not 22nd. ;)

On Mon, Jan 25, 2010 at 10:36 PM, Michael Holstein < michael.holstein@csuohio.edu> wrote:

> > Speaking of silent fixes...
> Silent? .. it's right on the "news" section of the e107.org front page.
> To wit :
> [http://e107.org]
> **SECURITY UPDATE** 0.7.17
> We were recently informed of a very nasty exploit that, as far as we can
> see, affects almost all e107 0.7 releases. Everyone running e107 needs
> to get their sites updated as soon as possible. If you are a site owner
> and you are unable to upgrade for some reason (too much hacked core
> code), please contact me directly and I can help you with a quick-fix.
> Please get the word out to all other e107ers. If you find an e107 site
> out there, post on their site somewhere about this upgrade.

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/