
Textpattern CMS support forum


#1 2006-12-06 14:08:52

shanghai
Member
Registered: 2006-05-09
Posts: 20

Textpattern Hacked.

My version has just been hacked and subjected to massive file transfers of DVDs via my server… just a warning to others to check that all the permissions are correctly set :(

Offline

#2 2006-12-06 14:27:02

kevinashworth
Member
From: Massachusetts
Registered: 2004-07-30
Posts: 26
Website

Re: Textpattern Hacked.

Yikes. Sorry to hear about that.

Can we get from somebody a quick reminder of what all the correct permissions are?

Offline

#3 2006-12-06 14:43:06

Sencer
Archived Developer
From: cgn, de
Registered: 2004-03-23
Posts: 1,803
Website

Re: Textpattern Hacked.

Permissions are (usually) not a problem. They only play a role once somebody already has access to the server (i.e. the server was hacked via some other way; or you are in a shared hosting environment, where by default user accounts are not secured from each other – in the latter case you should contact your host and inquire about the correct settings).

If textpattern played a role in the hacking mentioned above (which is doubtful, because no explanation or evidence was presented on how that conclusion was arrived at), it was likely due to an unmaintained and out of date installation of textpattern. As we’ve made clear multiple times, and as everybody who hosts websites on the web should be aware of, it is imperative that publicly accessible software is properly maintained, i.e., maintenance updates of the software in question are installed regularly. For textpattern users this means to have the latest 4.0.x release of textpattern installed.

Last edited by Sencer (2006-12-06 14:43:25)

Offline

#4 2006-12-06 19:28:20

shanghai
Member
Registered: 2006-05-09
Posts: 20

Re: Textpattern Hacked.

It was installed last month, and latest version used. There is only one account on the server, and that’s mine :-) And all the DVD files were in the textpattern directory, more info later when the logs have been thoroughly investigated.

Offline

#5 2006-12-06 20:52:07

zem
Developer Emeritus
From: Melbourne, Australia
Registered: 2004-04-08
Posts: 2,579

Re: Textpattern Hacked.

What version of Textpattern was installed? Were there any warnings in diagnostics?

Was anything changed in Textpattern itself, or were the DVD files in the Textpattern directory the only evidence? Exactly what directory were they placed in?

Please read the FAQ before posting security sensitive information on the forum.


Alex

Offline

#6 2006-12-06 21:12:31

NyteOwl
Member
From: Nova Scotia, Canada
Registered: 2005-09-24
Posts: 539

Re: Textpattern Hacked.

Do you have file transfers enabled? What other internet accessible services/apps are running? …


Obsolescence is just a lack of imagination. / 36-bits Forever! / #include <disclaimer.h>;

Offline

#7 2006-12-14 11:33:44

Mary
Sock Enthusiast
Registered: 2004-06-27
Posts: 6,236

Re: Textpattern Hacked.

Any updates? Any relevant and/or sensitive security info should be sent to security at textpattern dot com.

Last edited by Mary (2006-12-14 11:34:27)

Offline

#8 2006-12-19 17:24:48

Mary
Sock Enthusiast
Registered: 2004-06-27
Posts: 6,236

Re: Textpattern Hacked.

Hello?

If I don’t get a response within the next couple of days, I’ll assume this was a bogus report (i.e., caused by something other than Textpattern).

Offline

#9 2006-12-23 02:16:35

Mary
Sock Enthusiast
Registered: 2004-06-27
Posts: 6,236

Re: Textpattern Hacked.

Okay, a bogus report, then.

Offline
