See here
usual stuff
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-3396
I have the GET log, Robs, if you like.
I do not use that comp by the way.
[ABANDONED] Galleria component under attack
Moderator: General Support Moderators
Forum rules
- infograf768
- Joomla! Master
- Posts: 19133
- Joined: Fri Aug 12, 2005 3:47 pm
- Location: **Translation Matters**
[ABANDONED] Galleria component under attack
Last edited by RobS on Wed Jul 19, 2006 7:12 am, edited 1 time in total.
Jean-Marie Simonet / infograf
---------------------------------
ex-Joomla Translation Coordination Team • ex-Joomla! Production Working Group
---------------------------------
ex-Joomla Translation Coordination Team • ex-Joomla! Production Working Group
- RobS
- Joomla! Ace
- Posts: 1366
- Joined: Mon Dec 05, 2005 10:17 am
- Location: New Orleans, LA, USA
- Contact:
Re: Galleria component under attack
JM,
Do you have any information on the developer such as a website URL or an email address? I searched around on Google but could only find vulnerability reports and not any actual websites for the component.
I probably don't need the log files. Maybe you could just send them the report if you find any contact information for them?
Thanks,
Rob S.
Do you have any information on the developer such as a website URL or an email address? I searched around on Google but could only find vulnerability reports and not any actual websites for the component.
I probably don't need the log files. Maybe you could just send them the report if you find any contact information for them?
Thanks,
Rob S.
Rob Schley - Open Source Matters
Webimagery - http://www.webimagery.net/ - Professional Consulting Services
JXtended - http://www.jxtended.com/ - Free and Commercial Joomla! Extensions
Webimagery - http://www.webimagery.net/ - Professional Consulting Services
JXtended - http://www.jxtended.com/ - Free and Commercial Joomla! Extensions
- Elpie
- Joomla! Guru
- Posts: 903
- Joined: Wed Aug 17, 2005 11:26 pm
- Contact:
Re: Galleria component under attack
Galleria is abandonware Rob - the best course of action for anyone using it is to backup their images, remove Galleria completely and find another gallery to use that is still in development and which is secure.
There is an update patch here: http://forum.mamboguru.com/showthread.php?t=316 but no guarantees that it can be more than a temporary measure.
There is an update patch here: http://forum.mamboguru.com/showthread.php?t=316 but no guarantees that it can be more than a temporary measure.
Last edited by Elpie on Wed Jul 19, 2006 7:14 am, edited 1 time in total.
For Mambo assistance: http://forum.mambo-foundation.org
Open Source Research & Best Practice: http://osprojects.info
Open Source Research & Best Practice: http://osprojects.info
- RobS
- Joomla! Ace
- Posts: 1366
- Joined: Mon Dec 05, 2005 10:17 am
- Location: New Orleans, LA, USA
- Contact:
Re: Galleria component under attack
I suspected as much. Thanks for the confirmation though.
Rob Schley - Open Source Matters
Webimagery - http://www.webimagery.net/ - Professional Consulting Services
JXtended - http://www.jxtended.com/ - Free and Commercial Joomla! Extensions
Webimagery - http://www.webimagery.net/ - Professional Consulting Services
JXtended - http://www.jxtended.com/ - Free and Commercial Joomla! Extensions
- infograf768
- Joomla! Master
- Posts: 19133
- Joined: Fri Aug 12, 2005 3:47 pm
- Location: **Translation Matters**
Re: [ABANDONED] Galleria component under attack
Sent amail to the guy through
http://mamboxchange.com/projects/mambatstaff
http://mamboxchange.com/projects/mambatstaff
Jean-Marie Simonet / infograf
---------------------------------
ex-Joomla Translation Coordination Team • ex-Joomla! Production Working Group
---------------------------------
ex-Joomla Translation Coordination Team • ex-Joomla! Production Working Group
-
- Joomla! Enthusiast
- Posts: 111
- Joined: Thu Aug 18, 2005 6:43 pm
Re: [ABANDONED] Galleria component under attack
Watch out! Just recently I found galleria files on my site, but I installed and uninstalled it years ago. Apparently Galleria deinstalls but is leaving the files on the server.
So if you remove the program, make sure by FTP or JXplorer that all files in components and administrator/components are removed.
So if you remove the program, make sure by FTP or JXplorer that all files in components and administrator/components are removed.
-
- Joomla! Fledgling
- Posts: 1
- Joined: Thu Sep 27, 2007 3:37 pm
- Contact:
Re: [ABANDONED] Galleria component under attack
yup, you were right. i was recently going through my old website and found it didn't delete all the files on the uninstallation. thanks for the info.
Last edited by galin on Mon Oct 01, 2007 3:16 pm, edited 1 time in total.