Hi Pluggers,
I received the following about Joomla Password Remind Functionality - Exploit"
attack
---------------------------
There has been several (successful) hack attempts in the past 48 hours from
your network:
below you will find a small overview of the different IP address and the
timestamps they were used,
at the end of this message you will find the complete http log file entries
which proof this is a
full "[20080801] - Core - Password Remind Functionality - Exploit" attack.
89.108.36.198 - - [30/Oct/2008:06:02:10 +0100]
89.108.31.218 - - [31/Oct/2008:00:37:13 +0100]
Pleas take appropriate actions.
---------------------------
Our Linux server was hacked was due to insecure software hosted by one of our
customers,
normally this should only affect the website of the customer it self - not the
entire server -
but since this has happened in the past days we decided to locked down
customers websites and
force the them to update their software for this particular vulnerability.
http://developer.joomla.org/security/news/35-core-security/241-20080801-core-password-remind-functionality.html
vulnerability exists in all versions prior to 12-08-2008.
Do you know any additional fix I can do?
Thanks.
Yahoo! Toolbar is now powered with Search Assist.Download it now!
http://ph.toolbar.yahoo.com/_________________________________________________
Philippine Linux Users' Group (PLUG) Mailing List
http://lists.linux.org.ph/mailman/listinfo/plug
Searchable Archives: http://archives.free.net.ph
