[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]Website / CopperMine
- To: outages-list@eskimo.com, eskimo-announce@eskimo.com
- Subject: Website / CopperMine
- From: Nanook <nanook@eskimo.com>
- Date: Wed, 16 Apr 2008 02:16:50 -0700 (PDT)
- List-help: <mailto:outages-list-request@eskimo.com?subject=help>
- List-post: <mailto:outages-list@eskimo.com>
- List-subscribe: <mailto:outages-list-request@eskimo.com?subject=subscribe>
- List-unsubscribe: <mailto:outages-list-request@eskimo.com?subject=unsubscribe>
- Resent-date: Wed, 16 Apr 2008 02:16:56 -0700
- Resent-from: outages-list@eskimo.com
- Resent-message-id: <1KG6wC.A.DUE.HQcBIB@ultra7.eskimo.com>
- Resent-sender: outages-list-request@eskimo.com
Unfortunately, even with uploads turned off another vulnerability exists in CopperMine photogallery, this time an SQL injection bug, that was used to add iframe tags to our website again. In order to correct this it is necessary for all users running CopperMine to please upgrade to version 1.4.18 immediately, 1.4.16 has two known SQL injection exploits in addition to the problem I pointed out. It just gets better and better. -_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_- Eskimo North Linux Friendly Internet Access, Shell Accounts, and Hosting. Knowledgable human assistance, not telephone trees or script readers. See our web site: http://www.eskimo.com/ (206) 812-0051 or (800) 246-6874.
- Prev by Date: CopperMine Vulnerability - Eskimo's Website
- Next by Date: Fake Messages from Support (Virus)
- Previous by thread: CopperMine Vulnerability - Eskimo's Website
- Next by thread: Fake Messages from Support (Virus)
- Index(es):