1. Home
  2. Forums Index
  3. Server Side / Linux, Unix, and *nix like Operating Systems 2:55 am May 21, 2026

Forum Moderators: bakedjake

Message Too Old, No Replies

iframe hack FedoraCore2 problem?

         

maccas

9:05 am on Jul 18, 2007 (gmt 0)

10+ Year Member



Hi one of my VPS accounts got hacked and they installed a iframe on all sites and even on control panel, they ran a perl script through SSH. My hosts says it is a FedoraCore2 vulnerability and they told me to backup and they will upgrade to CentOS4, is this true, anyone else heard of this?

encyclo

7:33 pm on Jul 18, 2007 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Fedora Core 2 is no longer supported, and hasn't been supported for quite a while, so there may be any number of vulnerabilites which caused the problem.

As for the switch to Centos, it sounds like a very sensible idea. You will still need to ensure the server gets regular updates, but this will be much easier with Centos than Fedora.

lammert

12:14 am on Jul 20, 2007 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



...they ran a perl script through SSH. My hosts says it is a FedoraCore2 vulnerability...

The last significant problems in sshd that I know of were buffer management issues in the OpenSSH protocol suite in 2003 (CERT Advisory CA-2003-24). The support for FC2 stopped way after that date, so your installation (if properly updated in the past) shouldn't have been suceptible for that.

Are you sure that running a perl script through SSH to your server was really the cause of the IFRAME hack and that upgrading to another OS closes this hole or was the attack coming via another door (PHP etc)?

 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / Linux, Unix, and *nix like Operating Systems 2:55 am May 21, 2026