Welcome to WebmasterWorld Guest from 18.208.159.25

Forum Moderators: bakedjake

Message Too Old, No Replies

iframe hack FedoraCore2 problem?

     
9:05 am on Jul 18, 2007 (gmt 0)

Preferred Member

10+ Year Member

joined:Oct 30, 2000
posts:520
votes: 4


Hi one of my VPS accounts got hacked and they installed a iframe on all sites and even on control panel, they ran a perl script through SSH. My hosts says it is a FedoraCore2 vulnerability and they told me to backup and they will upgrade to CentOS4, is this true, anyone else heard of this?
7:33 pm on July 18, 2007 (gmt 0)

Senior Member from CA 

WebmasterWorld Senior Member encyclo is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Aug 31, 2003
posts:9074
votes: 6


Fedora Core 2 is no longer supported, and hasn't been supported for quite a while, so there may be any number of vulnerabilites which caused the problem.

As for the switch to Centos, it sounds like a very sensible idea. You will still need to ensure the server gets regular updates, but this will be much easier with Centos than Fedora.

12:14 am on July 20, 2007 (gmt 0)

Senior Member from NL 

WebmasterWorld Senior Member lammert is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Jan 10, 2005
posts:2955
votes: 35


...they ran a perl script through SSH. My hosts says it is a FedoraCore2 vulnerability...

The last significant problems in sshd that I know of were buffer management issues in the OpenSSH protocol suite in 2003 (CERT Advisory CA-2003-24). The support for FC2 stopped way after that date, so your installation (if properly updated in the past) shouldn't have been suceptible for that.

Are you sure that running a perl script through SSH to your server was really the cause of the IFRAME hack and that upgrading to another OS closes this hole or was the attack coming via another door (PHP etc)?