full-disclosure-uk January 2010 archive
Main Archive Page > Month Archives  > full-disclosure-uk archives
full-disclosure-uk: Re: [Full-disclosure] e107 latest download l

Re: [Full-disclosure] e107 latest download link is backdoored

From: Carsten Eilers <ceilers-lists_at_nospam>
Date: Tue Jan 26 2010 - 11:17:57 GMT
To: "Bogdan Calin" <bogdan@acunetix.com>, <full-disclosure@lists.grok.org.uk>, <bugtraq@securityfocus.com>


Bogdan Calin schrieb am Mon, 25 Jan 2010 12:58:50 +0200:

>The latest version of e107, version 0.7.17 contains a PHP backdoor.

The start page of e107.org, <http://e107.org/news.php>, contains suspect, probable malicious JavaScript-Code at the top,followed by many links in the format <a href='/wiki/docs/html/.store/[Spamtext]-[Number].php'>medical spam</a>, before the DOCTYPE-Declaration.

  Carsten -- Dipl.-Inform. Carsten Eilers IT-Sicherheit und Datenschutz <http://www.ceilers-it.de> _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/