Author Topic: KloxoMR possible injection bugs (Read 6302 times)

scumbag · « **on:** 2014-02-17, 06:02:18 »

Hello Mr. Mustafa

please help and solve this

Quote

malware detect scan report for yourserverdotcom:
SCAN ID: 020914-0131.18255
TIME: Feb 10 11:47:09 +0700
PATH: /home
TOTAL FILES: 121790
TOTAL HITS: 2
TOTAL CLEANED: 0

FILE HIT LIST:
{HEX}gzbase64.inject.unclassed.15 : /home/kloxo/httpd/installapp/gbook/gbook.php => /usr/local/maldetect/quarantine/gbook.php.31110
{MD5}gzbase64.inject.unclassed.531 : /tmp/maldetect-1.4.2/files/clean/gzbase64.inject.unclassed => /usr/local/maldetect/quarantine/gzbase64.inject.unclassed.23731

MRatWork · « **Reply #1 on:** 2014-02-17, 06:15:04 »

Did your Kloxo-MR latest version?.

Try 'yum clean all; yum update -y'

MRatWork · « **Reply #2 on:** 2014-02-17, 06:25:05 »

Hi, look like you still using installapp. It's not support now (too old and security issue) and better removed.

Kloxo-DR · « **Reply #3 on:** 2014-02-17, 09:01:32 »

By default the installlapp should be turned off.

MRatWork · « **Reply #4 on:** 2014-02-17, 09:35:04 »

Maldetect running from ssh under 'root'. As I know, ssh under 'root' is no under 'protected' from all commands.

So, in this case, not meaning able to access /home dir if running under web (via http://).

In latest version, Kloxo-MR already set 'open_basedir' only for '/home/<user>' for each user.

scumbag · « **Reply #5 on:** 2014-02-17, 10:48:30 »

okay, thanks for reply

Author Topic: KloxoMR possible injection bugs (Read 6302 times)

scumbag

KloxoMR possible injection bugs

MRatWork

Re: KloxoMR possible injection bugs

MRatWork

Re: KloxoMR possible injection bugs

Kloxo-DR

Re: KloxoMR possible injection bugs

MRatWork

Re: KloxoMR possible injection bugs

scumbag

Re: KloxoMR possible injection bugs