Yeah, I just did a quick Google search and followed the first 150 links,
and about 70-80% of the sites have already fixed this, and return a 404
when I follow the link (if you do this, remember to turn off JS first!)
It's a minor issue, and I do think we nipped it in the bud before it
became particularly prevalent.
-- Alexander
On Thu, 14 Sep 2006 17:24:59 -0700, Alec Mitchell <[EMAIL PROTECTED]>
wrote:
To say these sites are "compromised" is a bit extreme. People who
were allowed to create profiles (i.e. this only happens to sites where
anybody can join) could take advantage of a minor XSS vulnerability to
seed google requests. Additionally there was an apparently more common
avenue of attack for sites where normal self-joining users could add
content, whereby they could put arbitrary html in a File object and
have it render inline, scripts and all (which has more potential for
danger, as the portrait issue was mainly visible only for search
engines). These issues are both fixed. In the end the abuse is only
a tiny bit more significant than the ubiquitous forum and blog spam
found all over the web.
Alec
On 9/14/06, Alexander Limi <[EMAIL PROTECTED]> wrote:
It has been fixed, that's what the 2.5.1 and 2.1.4 releases were about.
Full instructions are here:
http://plone.org/documentation/how-to/clean-up-link-spam-on-your-site
-- Alexander
On Thu, 14 Sep 2006 16:54:25 -0700, Alan Runyan
<[EMAIL PROTECTED]> wrote:
>
>
> Alan Runyan
> Enfold Systems, Inc.
> http://www.enfoldsystems.com/
> phone: +1.713.942.2377x111
> fax: +1.832.201.8856
>
>
> -Original Message-
> From: Sean Duffy [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, September 13, 2006 10:45 AM
> To: [EMAIL PROTECTED]
> Subject: Plone site compromise epidemic!
>
> Hi,
>
> I have seen a recent flood of compromised Plone sites.
>
> A Google search for the terms plone_memberdata and viagra:
>
> http://www.google.com/search?q=portal_memberdata+viagra
>
> generates over half a million hits. Someone should look into changing
> the 'out of the box' security settings & set up some hotfixes.
>
> Help!
>
> Sean
>
> [EMAIL PROTECTED]
> [EMAIL PROTECTED]
>
--
_
Alexander Limi · Chief Architect · Plone Solutions · Norway
Consulting · Training · Development · http://www.plonesolutions.com
_
Plone Co-Founder · http://plone.org · Connecting Content
Plone Foundation · http://plone.org/foundation · Protecting Plone
___
Framework-Team mailing list
Framework-Team@lists.plone.org
http://lists.plone.org/mailman/listinfo/framework-team
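The second issue Alec describes above, a self-registered user uploading arbitrary HTML into a File object and having the site render it inline "scripts and all", is a generic file-serving mistake, not something specific to Plone. The following is an added example written for this page; it is not code from the thread, from Plone or from the 2.5.1/2.1.4 fixes, and it does not claim to show how Plone actually fixed it. It models a plain download handler in standalone Python (no Zope dependencies; the class and function names are hypothetical) and puts the vulnerable pattern beside a hardened one: the uploader's declared content type is treated as attacker-controlled, anything that is or sniffs as active content is forced to a download, and the browser is told not to sniff. The sample upload is constructed.

```python
"""Serving user uploads: the inline-HTML problem from the thread.

Added example, not Plone's code. The handler, classes and header policy here
are hypothetical; they illustrate the technique, not any particular project's
implementation.
"""
import re
from dataclasses import dataclass, field

# Content types a browser will execute in the serving site's origin. Serving
# one of these inline from the same host as the authenticated application
# hands every self-registered user a stored-XSS primitive.
ACTIVE_TYPES = {
    "text/html", "application/xhtml+xml", "image/svg+xml",
    "application/xml", "text/xml", "text/javascript", "application/javascript",
}

# Cheap content sniff. Browsers of the era ignored the declared type and
# rendered anything that looked like HTML, so the declared type alone is not
# a sufficient check; text/plain carrying <script> still has to be neutered.
_HTML_MARKER = re.compile(
    rb"<\s*(!doctype\s+html|html|script|body|head|iframe|svg|img)\b", re.I
)


@dataclass
class UploadedFile:
    filename: str        # supplied by the uploader, attacker-controlled
    declared_type: str   # supplied by the uploader's browser, attacker-controlled
    data: bytes


@dataclass
class Response:
    status: int
    headers: dict = field(default_factory=dict)
    body: bytes = b""


def serve_vulnerable(f: UploadedFile) -> Response:
    """The pattern under discussion: trust the uploaded type, render inline.

    A user who can join the site uploads <script>...</script> as text/html and
    every visitor (and Googlebot) receives it as a first-party page.
    """
    return Response(200, {"Content-Type": f.declared_type}, f.data)


def looks_like_html(data: bytes) -> bool:
    """Return True if the first KiB of the payload would render as HTML."""
    return _HTML_MARKER.search(data[:1024]) is not None


def serve_hardened(f: UploadedFile) -> Response:
    """Force a download for anything active, forbid sniffing, sanitise the name.

    The declared type is only honoured when it is not executable in the
    browser and the bytes do not look like markup; otherwise the response is
    downgraded to application/octet-stream. X-Content-Type-Options stops the
    browser second-guessing that, Content-Disposition keeps it out of the
    rendering path entirely, and the CSP sandbox is a last line of defence.
    """
    ctype = f.declared_type.split(";")[0].strip().lower()
    if ctype in ACTIVE_TYPES or looks_like_html(f.data):
        ctype = "application/octet-stream"
    # Strip anything from the untrusted filename that could break the header
    # or smuggle a second header (quotes, CR/LF, path separators).
    safe_name = re.sub(r"[^A-Za-z0-9._-]", "_", f.filename)[:128] or "download"
    headers = {
        "Content-Type": ctype,
        "X-Content-Type-Options": "nosniff",
        "Content-Disposition": f'attachment; filename="{safe_name}"',
        "Content-Security-Policy": "default-src 'none'; sandbox",
    }
    return Response(200, headers, f.data)


if __name__ == "__main__":
    # Constructed sample: a spam payload uploaded as an ordinary "file".
    spam = UploadedFile(
        "free.html", "text/html",
        b"<html><script>location='http://example.invalid/pills'</script></html>",
    )
    print("vulnerable:", serve_vulnerable(spam).headers)
    print("hardened:  ", serve_hardened(spam).headers)
```

The hardened handler errs towards downgrading: a legitimate SVG or XHTML upload also becomes a download, which is the right trade for a site where anyone can join. If inline rendering of such files is a requirement, the usual answer is to serve them from a separate origin that carries no session cookies, not to relax the checks here.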