To say these sites are "compromised" is a bit extreme. People who were allowed to create profiles (i.e. this only happens to sites where anybody can join) could take advantage of a minor XSS vulnerability to seed Google requests. Additionally there was an apparently more common avenue of attack for sites where normal self-joining users could add content, whereby they could put arbitrary HTML in a File object and have it render inline, scripts and all (which has more potential for danger, as the portrait issue was mainly visible only to search engines). These issues are both fixed. In the end the abuse is only a tiny bit more significant than the ubiquitous forum and blog spam found all over the web.
Alec

On 9/14/06, Alexander Limi <[EMAIL PROTECTED]> wrote:

It has been fixed, that's what the 2.5.1 and 2.1.4 releases were about. Full instructions are here:
http://plone.org/documentation/how-to/clean-up-link-spam-on-your-site

-- Alexander

On Thu, 14 Sep 2006 16:54:25 -0700, Alan Runyan <[EMAIL PROTECTED]> wrote:

>
> Alan Runyan
> Enfold Systems, Inc.
> http://www.enfoldsystems.com/
> phone: +1.713.942.2377x111
> fax: +1.832.201.8856
>
>
> -----Original Message-----
> From: Sean Duffy [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, September 13, 2006 10:45 AM
> To: [EMAIL PROTECTED]
> Subject: Plone site compromise epidemic!
>
> Hi,
>
> I have seen a recent flood of compromised Plone sites.
>
> A Google search for the terms plone_memberdata and viagra:
>
> http://www.google.com/search?q=portal_memberdata+viagra
>
> generates over half a million hits. Someone should look into changing
> the 'out of the box' security settings & set up some hotfixes.
>
> Help!
>
> Sean
>
> [EMAIL PROTECTED]
> [EMAIL PROTECTED]
>

--
_____________________________________________________________________
Alexander Limi · Chief Architect · Plone Solutions · Norway
Consulting · Training · Development · http://www.plonesolutions.com
_____________________________________________________________________
Plone Co-Founder · http://plone.org · Connecting Content
Plone Foundation · http://plone.org/foundation · Protecting Plone

_______________________________________________
Framework-Team mailing list
Framework-Team@lists.plone.org
http://lists.plone.org/mailman/listinfo/framework-team
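The second issue Alec describes in the top message (a self-registered user uploads a File object whose body is HTML, and the site renders it inline, scripts and all) is a general failure mode for any CMS that serves user uploads from its own origin. The following is an added example, not code from Plone, from the 2.5.1/2.1.4 fix, or from anyone in the thread. It shows the weak behaviour beside the hardened one: delivery headers decided from a server-side allowlist and a content sniff rather than from the uploader's declared type. `Upload`, `vulnerable_headers`, `hardened_headers`, the allowlists and the sample uploads are this example's own constructions.

```python
"""Serving user uploads so that HTML in a file body is never executed
in the site's origin.

Added example, not Plone code. Models the "arbitrary HTML in a File
object rendered inline" issue from the thread and the usual fix.
All names and sample data here are constructed for the example.
"""
from dataclasses import dataclass

# Types a self-registered user's upload may be rendered inline.
INLINE_SAFE = {"image/png", "image/jpeg", "image/gif", "text/plain", "application/pdf"}

# Types that browsers treat as active content when rendered inline.
ACTIVE_TYPES = {
    "text/html", "application/xhtml+xml", "image/svg+xml",
    "text/xml", "application/xml", "text/javascript", "application/javascript",
}

# Markers a browser would act on even when the declared type says otherwise.
HTML_MARKERS = (b"<html", b"<!doctype html", b"<script", b"<body", b"<iframe", b"<svg")


@dataclass
class Upload:
    filename: str
    declared_type: str   # Content-Type supplied by the uploader; untrusted
    body: bytes


def looks_like_html(body: bytes) -> bool:
    """Cheap sniff of the first 512 bytes for executable markup."""
    head = body[:512].lower()
    return any(marker in head for marker in HTML_MARKERS)


def vulnerable_headers(up: Upload) -> dict:
    """The behaviour being fixed: trust the declared type and render inline.
    A spam page uploaded as text/html runs as part of the site."""
    return {
        "Content-Type": up.declared_type,
        "Content-Disposition": f'inline; filename="{up.filename}"',
    }


def hardened_headers(up: Upload) -> dict:
    """Force download for anything active, allow inline only for a fixed
    set of passive types, and stop the browser from second-guessing."""
    ctype = up.declared_type.split(";")[0].strip().lower()
    if ctype in ACTIVE_TYPES or looks_like_html(up.body):
        # Active content, declared or disguised: neutral type, download only.
        ctype_out, disposition = "application/octet-stream", "attachment"
    elif ctype in INLINE_SAFE:
        ctype_out, disposition = ctype, "inline"
    else:
        # Unknown types keep their type but are never rendered in-origin.
        ctype_out, disposition = ctype, "attachment"
    # Keep the filename from breaking out of the quoted header value.
    safe_name = "".join(ch for ch in up.filename if ch not in '"\\\r\n;') or "download"
    return {
        "Content-Type": ctype_out,
        "Content-Disposition": f'{disposition}; filename="{safe_name}"',
        # Without nosniff a browser may still promote a body to text/html.
        "X-Content-Type-Options": "nosniff",
    }


# Constructed sample uploads for the example; not real data from the thread.
SPAM_PAGE = Upload(
    "cheap.html", "text/html; charset=utf-8",
    b"<html><body><a href='http://example.invalid/'>pills</a>"
    b"<script>document.location='http://example.invalid/'</script></body></html>",
)
DISGUISED = Upload("photo.jpg", "image/jpeg", b"<script>alert(1)</script>")
REAL_PNG = Upload("logo.png", "image/png", b"\x89PNG\r\n\x1a\n" + b"\x00" * 16)
UNKNOWN = Upload(
    "report.docx",
    "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
    b"PK\x03\x04",
)
NASTY_NAME = Upload('a"b\r\n.png', "image/png", b"\x89PNG\r\n\x1a\n")

if __name__ == "__main__":
    for up in (SPAM_PAGE, DISGUISED, REAL_PNG, UNKNOWN, NASTY_NAME):
        print(up.filename, "->", hardened_headers(up))
```

The point of the sniff is the `DISGUISED` case: a declared `image/jpeg` whose body is script would otherwise pass the allowlist and, on a browser that sniffs, be rendered as HTML. Serving uploads from a separate, cookie-less origin is the stronger fix, but the header discipline above is what a single-origin site like the ones in the thread can apply immediately.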