Hello,
(soory for my bad english i will try to explain our
heavy problem)
last night 2 of our server are hacked. (after a reboot both servers are
dead)
the Cross-Site-Scripting-code cames from the „domain“ (Data: „cmd_user_stats“). command.
the exploit is writen here:
http://www.tecchannel.de/sicherheit/news/481205/
(sorry only german discription)
i think this link is the same:
http://secunia.com/advisories/25881/
at the moment we drop all connection at port 2222 at our other servers to secure the server.
we recover all hosting users form the dead servers at an other maschine (i pray that this maschine have no attacks in the next time)
what can we do ? have anyone a workaround for this heavy problem ?
greetings Mario
(soory for my bad english i will try to explain our
heavy problem)
last night 2 of our server are hacked. (after a reboot both servers are
dead)
the Cross-Site-Scripting-code cames from the „domain“ (Data: „cmd_user_stats“). command.
the exploit is writen here:
http://www.tecchannel.de/sicherheit/news/481205/
(sorry only german discription)
i think this link is the same:
http://secunia.com/advisories/25881/
at the moment we drop all connection at port 2222 at our other servers to secure the server.
we recover all hosting users form the dead servers at an other maschine (i pray that this maschine have no attacks in the next time)
what can we do ? have anyone a workaround for this heavy problem ?
greetings Mario
Last edited: