____/ Chris S. on Thursday 13 March 2008 21:27 : \____
>
> "Linonut" <linonut@xxxxxxxxxxxxx> wrote in message
> news:GkeCj.5234$vr3.110@xxxxxxxxxxxxxxxxxxxxxxxxx
>>* Chris S. peremptorily fired off this memo:
>>
>>> "Moshe Goldfarb" <brick.n.straw@xxxxxxxxx> wrote in message
>>> news:ect9olpu96we$.8uqqu1js2g1c$.dlg@xxxxxxxxxxxxx
>>>> On Thu, 13 Mar 2008 12:25:21 -0400, Chris S. wrote:
>>>>
>>>>> Oh and by the way Roy's web page is to be avoided!
>>>>> He has imbedded "HTML/IFRAMEREF GEN" in it.
>>>>> An extremely malicious Trojan!
>>>>
>>>> You mean this one:
>>>>
>>>> www.schestowitz.com ?
>>>
>>> Yep! Yhat one!
>>
>> Where? I cannot find IFRAMEREF in the main page. What page is it on?
>>
>> Did you put something on his pages?
>
> It's NOT visable. It's a transparent HTML piece of code. Just opening the
> main
> page will invoke it. My OneCare caught it and "cleaned" it. Your Milage may
> Vary.
This was found last night. My very out-of-date installation of phpBB got
exploited (first time any of my software gets exploited in 7 years of running
sites on BSD and Linux). I've cleaned most stuff up, but I'm styill working
with the Web host to get rid of what's left. Script kiddies snuck in extra
markup that points to some other domain (via iframe) -- whatever it actually
does. This will be resolved by the weekend.
Thanks for the headsup, Chris.
--
~~ Best of wishes
Roy S. Schestowitz | How I learned to stop worrying and love GNU/Linux
http://Schestowitz.com | RHAT Linux | PGP-Key: 0x74572E8E
22:05:04 up 49 days, 7:59, 7 users, load average: 3.43, 2.08, 1.81
http://iuron.com - Open Source knowledge engine project
|
|
