«
»

Cross Site Scripting Exploit

We have suffered this past week from some Cross Site Scripting exploits this week. I ask that all users please contact me if they have installed something outside of phpBB or WordPress on this machine.

This entry was posted on Wednesday, August 24th, 2005 at 3:42 pm and is filed under Announcements. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

3 Responses to “Cross Site Scripting Exploit”

  1. [rocksmyfaceoff.info] says:
    August 24, 2005 at 4:34 pm

    Server Temporarily Unreachable

    I rebooted the server as part of my investigation into the recent XSS exploit, and the server is unreachable by ping. The datacenter is working to restore this condition.

  2. [rocksmyfaceoff.info] says:
    August 25, 2005 at 6:20 am

    Exploit Found

    I’ve determined what the exploit is; I’ll have it closed up by midnight tonight.

  3. The Indiana Jones School of Management says:
    August 27, 2005 at 2:44 pm

    Nagios

    On Scott’s suggestion, I think I’ll have to give Nagios a try. We had a small exploit last week—it was the pre-WP 1.5.2 SQL injection bug, actually, giving some clown an opportunity to try to root me; he did dump a bunch of spam out…

Leave a Reply