 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
i've just looked over the xoops specific files and there's lots of failed email attempts, lot's of failed upload errors, automated attacks on modules i didn't even have installed and attacks on modules i do have installed. also found this: XOOPS Multiple Module Spaw_Control.Class.PHP Remote File Include Vulnerability from: http://www.securityfocus.com/bid/24302/info they already know about it at xoops.org but i would wager there's hundreds of vulnerable websites out there. easy pickings. i've finally got off my butt and deleted that cms from my server. this brings me to my next question, are there any php / perl based cms's out there that have some type of automatic update or security alert feature? how about one that also includes updates for modules? now that even grandma can install a cms it would seem such a feature would be very beneficial. eric c. slightly tampered with but not really cracked. (yet) -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
