15 Dec
2005
15 Dec
'05
6:37 p.m.
My hosting company has twice recently claimed there are IRC hacking files in one of my accounts which uses Drupal. Has anyone had this experience or have any idea how they could be uploaded into my account like that? Is there a security hole in Drupal that could cause this?
It's entirely possible if you're still using a version of Drupal that has the XML-RPC bug (upgrade to 4.6.5, please!) - someone could easily have done it (I've seen the attack numerous times against numerous apps).
--
Morbus Iff ( you are nothing without your robot car, NOTHING! )
Culture: http://www.disobey.com/ and http://www.gamegrene.com/
O'Reilly Author, Weblog, Cook: http://www.oreillynet.com/pub/au/779
icq: 2927491 / aim: akaMorbus / yahoo: morbus_iff / jabber.org: morbus