[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-gnubg] What's up with www.gnubg.org

From: Øystein Schønning-Johansen
Subject: Re: [Bug-gnubg] What's up with www.gnubg.org
Date: Wed, 30 Jan 2013 17:20:29 +0100

On Wed, Jan 30, 2013 at 5:08 PM, Michael Petch <address@hidden> wrote:
On 2013-01-30 08:41, Øystein Schønning-Johansen wrote:
> Something like that. I've cleaned out the shit, and I think it works
> agian, but I guess the PHP injection hole is still there. I can check
> the access logs and the other logs I got. The attack was performed
> yesterday.
> Thnaks to Louis for reorting this in the first place.

(Good spelling, Øystein!)

I noticed that the board images that are on the right hand side of the
www.gnubg.org main page don't appear properly. I also observed for the
last few minutes that if you paste this command into the browser you get
redirected to that fantasy site:


While I was writing this email it seems to have been corrected, but it
has me wondering if phpthumb was the point of attack, as mentioned here:


I think you're spot on! I'll see if I can close these vulnerabilities later this week. Maybe time to update nucleus as well...


reply via email to

[Prev in Thread] Current Thread [Next in Thread]