possible Security leak [copperminevis component]

Goosemoose · **Joined:** Thu Dec 01, 2005 4:59 am **Posts:** 47

Can someone from the Joomla team pm me immediately. I'm getting hacked like crazy on several servers through the same vulnerability. My yim is dcmeagle, aim is dmaricic and msn is dcmeagle@goosemoose.com. I found the problem but I'm not sure how widespread it is. I'm running 1.0.8.

Note that this problem is created by the copperminevis component. I have not found the problem in any other components I've tested.

Tonie · **Joined:** Thu Aug 18, 2005 7:13 am **Posts:** 13347

Have you contacted the developers of copperminevis? If this is a leak in this particular component, they are the persons that will need to look at/fix any security issues within that component.

stingrey · **Posted:** Mon Apr 03, 2006 11:17 am

Having recieved you PM and looking at the access logs, I would say that if there is a vunerability it lies in the copperminevis component and NOT in the Joomla! core.

You will need to contact the component developer, informing them of this possible security vulnerability in their extension.

Goosemoose · **Joined:** Thu Dec 01, 2005 4:59 am **Posts:** 47

It is definately in Copperminevis. I've contacted the author and am waiting for a response. I've identified the line that created the problem.

Shearmite · **Joined:** Tue Apr 04, 2006 2:57 am **Posts:** 3

Sadly my own site was compromised running CoppermineVis.

This was not a Joomla core issue, but the component.

I worked with my hosting company and it seems they only got access to tmp (and uploaded some crap there).

I scanned my logs and it seems these scumbags are using google to search for:

"index.php?option=com_copperminevis"

to locate the sites and targetting that way.

I have since completely removed this component and all associated with it.

Joomla! Discussion Forums

Forum rules

possible Security leak [copperminevis component]

Quick reply

Who is online