Am Dienstag, den 26.08.2008, 10:53 +0100 schrieb MJ Ray: > Laurent Léonard <laurent@open-minds.org> wrote: > > Le samedi 23 août 2008 à 01:38, Rouven Mueller a écrit : > > > the DebianShop URL: http://www.debianshop.com displays the following > > > message and nothing else: > > > > > > 0hhh o loveee joomla... yheee o love hacked joomla ;) ((( RED EYE OWNZ > > > )))by m4V3RiCk > > > > The security hole is fixed since 12/08 : > > http://developer.joomla.org/security/news/35-core-security/241-20080801-core-password-remind-functionality.html > > > > Apply this patch or upgrade to 1.5.6, redefine the admin password and check > > what is modified on the database (because the hacker had an admin access to > > the Joomla) or restore a data backup. > > I have commented debianshop out of vendors.CD in CVS so it should be > removed from the listing on www.debian.org soon - it can be > uncommented once the site is repaired. Erm - when disabling such stuff please make sure you are tracking it. Just reenabled the site, the defacement is gone. Thanks, Rhonda
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil