Re: [Full-disclosure] e107 latest download link is backdoored

From: Carsten Eilers <ceilers-lists_at_nospam>
Date: Tue Jan 26 2010 - 11:17:57 GMT
To: "Bogdan Calin" <bogdan@acunetix.com>, <full-disclosure@lists.grok.org.uk>, <bugtraq@securityfocus.com>

Hi,

Bogdan Calin schrieb am Mon, 25 Jan 2010 12:58:50 +0200:

>The latest version of e107, version 0.7.17 contains a PHP backdoor.
>http://e107.org/e107_files/downloads/e107_v0.7.17_full.zip

The start page of e107.org, <http://e107.org/news.php>, contains suspect, probable malicious JavaScript-Code at the top,followed by many links in the format <a href='/wiki/docs/html/.store/[Spamtext]-[Number].php'>medical spam</a>, before the DOCTYPE-Declaration.

Regards
Carsten -- Dipl.-Inform. Carsten Eilers IT-Sicherheit und Datenschutz <http://www.ceilers-it.de> _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

This message: [ Message body ]
Next message: Gregor Schneider: "Re: [Full-disclosure] e107 latest download link is backdoored"
Previous message: Christian Sciberras: "Re: [Full-disclosure] Perhaps it's time to regulate Microsoft as Critical Infrastructure?"
In reply to: Bogdan Calin: "[Full-disclosure] e107 latest download link is backdoored"
Next in thread: Gregor Schneider: "Re: [Full-disclosure] e107 latest download link is backdoored"
Reply: Gregor Schneider: "Re: [Full-disclosure] e107 latest download link is backdoored"
Reply: David Sopas: "Re: [Full-disclosure] e107 latest download link is backdoored"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]