On 2013-01-30 08:41, Øystein Schønning-Johansen wrote: > Something like that. I've cleaned out the shit, and I think it works > agian, but I guess the PHP injection hole is still there. I can check > the access logs and the other logs I got. The attack was performed > yesterday. > Thnaks to Louis for reorting this in the first place. >
I noticed that the board images that are on the right hand side of the www.gnubg.org main page don't appear properly. I also observed for the last few minutes that if you paste this command into the browser you get redirected to that fantasy site: http://www.gnubg.org/phpThumb/phpThumb.php?src=/shots/gnubg_win.png&w=140 While I was writing this email it seems to have been corrected, but it has me wondering if phpthumb was the point of attack, as mentioned here: http://forums.modx.com/index.php/topic,55314.0.html -- Michael Petch CApp::Sysware Consulting Ltd. OpenPGP FingerPrint=D81C 6A0D 987E 7DA5 3219 6715 466A 2ACE 5CAE 3304 _______________________________________________ Bug-gnubg mailing list [email protected] https://lists.gnu.org/mailman/listinfo/bug-gnubg
