GoFuckYourself.com - Adult Webmaster Forum - View Single Post

Hell House Vic · 12-19-2005, 01:35 PM

pornguy, thanks for the lead.

so here's what it seemed to be:

We were running PHP 4.3.7 (Unix - not shared, dedicated)

Apparently someone took advantage of this to create the following effect: hits to our php page would (often, apparently, not always) redirect and attempt to get the client to click "OK" to download the browser hijacker.

I am led to hope that the upgrade of PHP to 4.3.11 closes this vulnerability. So far, it appears to. We've been running for about 15 minutes without a detected incident.

A QUESTION: Those of you with dedicated servers (sorry, I used "colocated" earlier, which is not exactly what we have) - do you receive notifications from your server when a php upgrade should be installed, etc?

12-19-2005, 01:35 PM
Hell House Vic Pay to Cum Join Date: Aug 2004 Location: Nor San Diego Posts: 1,029	pornguy, thanks for the lead. so here's what it seemed to be: We were running PHP 4.3.7 (Unix - not shared, dedicated) Apparently someone took advantage of this to create the following effect: hits to our php page would (often, apparently, not always) redirect and attempt to get the client to click "OK" to download the browser hijacker. I am led to hope that the upgrade of PHP to 4.3.11 closes this vulnerability. So far, it appears to. We've been running for about 15 minutes without a detected incident. A QUESTION: Those of you with dedicated servers (sorry, I used "colocated" earlier, which is not exactly what we have) - do you receive notifications from your server when a php upgrade should be installed, etc? __________________ Contact Me - ICQ: 206851710 eMail vic (at) hellhousemedia (dot) com 'Satanism is like Capitalism for teens' - Ty HellHouse