[Novalug] php vulnerability is affecting my web pages at remote host

Bonnie Dalzell bdalzell@qis.net
Fri May 18 00:01:44 EDT 2012


On Thu, 17 May 2012, How7 wrote:

> On 5/17/2012 4:21 PM, Bonnie Dalzell wrote:
>> the only place i found unwanted code was in index.html, main.html, 
>> home.html and in index.php
>
> Has your IHP upgraded to PHP 5.4.3 or 5.3.13 ?
> <?php
>  phpinfo();
> ?>
>

the installed version at the IHP is

PHP Version 5.2.14

according to my inquirey.

will ask them about updating to later version

> If not why not?
>
> If so they must be getting changed from the inside?
> Perhaps they have slipped something into another script which does the insert 
> every time they hit that page.
>
> Do you have clean backup files that you could
> - compare file size to?
> - compare with diff?

we fount a couple of large image files that seemed a little strange so I 
deleted them from the server.

tell you more about them tomorrow
>
> Do server access logs show query strings?
>

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                        Bonnie Dalzell, MA
mail:PO box 9767 Baldwin, MD, USA 21013  |  EMAIL:bdalzell@qis.net
shipping adddress:5100 Hydes Rd 21082 (Hydes Post Office closed Jan 2012)
Freelance anatomist, vertebrate paleontologist, writer, illustrator, dog
breeder, computer nerd & iconoclast... Borzoi info at www.borzois.com.
HOME www.batw.net    ART bdalzellart.batw.net  BUSINESS www.boardingatwedge.com




More information about the Novalug mailing list