[support] IRC Hacking Files
Morbus Iff
morbus at disobey.com
Thu Dec 15 18:37:37 UTC 2005
> My hosting company has twice recently claimed there are IRC hacking
> files in one of my accounts which uses Drupal. Has anyone had this
> experience or have any idea how they could be uploaded into my account
> like that? Is there a security hole in Drupal that could cause this?
It's entirely possible if you're still using a version of Drupal that has
the XML-RPC bug (upgrade to 4.6.5, please!) - someone could easily have
done it (I've seen the attack numerous times against numerous apps).
--
Morbus Iff ( you are nothing without your robot car, NOTHING! )
Culture: http://www.disobey.com/ and http://www.gamegrene.com/
O'Reilly Author, Weblog, Cook: http://www.oreillynet.com/pub/au/779
icq: 2927491 / aim: akaMorbus / yahoo: morbus_iff / jabber.org: morbus
More information about the support
mailing list