See here
usual stuff
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-3396
I have the GET log, Robs, if you like.
I do not use that comp by the way.
It is currently Sun Jul 20, 2008 12:43 am
[ABANDONED] Galleria component under attack
Moderators: Beat, rliskey, RussW, General Support Moderators
7 posts • Page 1 of 1
[ABANDONED] Galleria component under attack
by infograf768 on Mon Jul 17, 2006 2:52 pm
Last edited by RobS on Wed Jul 19, 2006 7:12 am, edited 1 time in total.
Jean-Marie Simonet / infograf · http://www.info-graf.fr · GMT +2
Qui vult dare parva non debet magna rogare.
Qui vult dare parva non debet magna rogare.
-
infograf768 - Joomla! Master
- Posts: 11438
- Joined: Fri Aug 12, 2005 3:47 pm
- Location: •Translation Matters•
Re: Galleria component under attack
by RobS on Wed Jul 19, 2006 6:49 am
JM,
Do you have any information on the developer such as a website URL or an email address? I searched around on Google but could only find vulnerability reports and not any actual websites for the component.
I probably don't need the log files. Maybe you could just send them the report if you find any contact information for them?
Thanks,
Rob S.
Do you have any information on the developer such as a website URL or an email address? I searched around on Google but could only find vulnerability reports and not any actual websites for the component.
I probably don't need the log files. Maybe you could just send them the report if you find any contact information for them?
Thanks,
Rob S.
Rob Schley - Joomla! Development Working Group - Open Source Matters Board
WebImagery - http://www.webimagery.net/ - Professional Consulting Services
JXtended - http://www.jxtended.com/ - Free and Commercial Joomla! Extensions
WebImagery - http://www.webimagery.net/ - Professional Consulting Services
JXtended - http://www.jxtended.com/ - Free and Commercial Joomla! Extensions
-
RobS - Joomla! Ace
- Posts: 1552
- Joined: Mon Dec 05, 2005 10:17 am
- Location: New Orleans, LA, USA
Re: Galleria component under attack
by Elpie on Wed Jul 19, 2006 7:10 am
Galleria is abandonware Rob - the best course of action for anyone using it is to backup their images, remove Galleria completely and find another gallery to use that is still in development and which is secure.
There is an update patch here: http://forum.mamboguru.com/showthread.php?t=316 but no guarantees that it can be more than a temporary measure.
There is an update patch here: http://forum.mamboguru.com/showthread.php?t=316 but no guarantees that it can be more than a temporary measure.
Last edited by Elpie on Wed Jul 19, 2006 7:14 am, edited 1 time in total.
For Mambo assistance: http://forum.mambo-foundation.org
Open Source Research & Best Practice: http://osprojects.info
Open Source Research & Best Practice: http://osprojects.info
-
Elpie - Joomla! Guru
- Posts: 918
- Joined: Wed Aug 17, 2005 11:26 pm
Re: Galleria component under attack
by RobS on Wed Jul 19, 2006 7:11 am
I suspected as much. Thanks for the confirmation though.
Rob Schley - Joomla! Development Working Group - Open Source Matters Board
WebImagery - http://www.webimagery.net/ - Professional Consulting Services
JXtended - http://www.jxtended.com/ - Free and Commercial Joomla! Extensions
WebImagery - http://www.webimagery.net/ - Professional Consulting Services
JXtended - http://www.jxtended.com/ - Free and Commercial Joomla! Extensions
-
RobS - Joomla! Ace
- Posts: 1552
- Joined: Mon Dec 05, 2005 10:17 am
- Location: New Orleans, LA, USA
Re: [ABANDONED] Galleria component under attack
by infograf768 on Wed Jul 19, 2006 7:25 am
Sent amail to the guy through
http://mamboxchange.com/projects/mambatstaff
http://mamboxchange.com/projects/mambatstaff
Jean-Marie Simonet / infograf · http://www.info-graf.fr · GMT +2
Qui vult dare parva non debet magna rogare.
Qui vult dare parva non debet magna rogare.
-
infograf768 - Joomla! Master
- Posts: 11438
- Joined: Fri Aug 12, 2005 3:47 pm
- Location: •Translation Matters•
Re: [ABANDONED] Galleria component under attack
by locutus on Wed Jul 19, 2006 10:13 am
Watch out! Just recently I found galleria files on my site, but I installed and uninstalled it years ago. Apparently Galleria deinstalls but is leaving the files on the server.
So if you remove the program, make sure by FTP or JXplorer that all files in components and administrator/components are removed.
So if you remove the program, make sure by FTP or JXplorer that all files in components and administrator/components are removed.
- locutus
- Joomla! Enthusiast
- Posts: 101
- Joined: Thu Aug 18, 2005 6:43 pm
Re: [ABANDONED] Galleria component under attack
by galin on Thu Sep 27, 2007 3:46 pm
yup, you were right. i was recently going through my old website and found it didn't delete all the files on the uninstallation. thanks for the info.
Last edited by galin on Mon Oct 01, 2007 3:16 pm, edited 1 time in total.
- galin
- Joomla! Fledgling
- Posts: 1
- Joined: Thu Sep 27, 2007 3:37 pm
7 posts • Page 1 of 1
Return to 3rd Party/Non Joomla! Security Issues
Who is online
Users browsing this forum: No registered users and 2 guests