|
PostNuke Trojan Horse Vulnerability
Solution: The vendor recommends the following actions: Customers are advised to remove the affected file: '/includes/pnAPI.php' This should be replaced with the original file, which is available at the following location: http://cvs.postnuke.com/viewcvs.cgi/Historic_PostNuke_Library/postnuke-devel/html/includes/pnAPI.php?rev=1.86&content-type=text/vnd.viewcvs-markup) Modify installation details, for example: 'database details', 'username', 'password' and if possible 'database name'. Audit HTTP access logs, if an entry is found that contains the string 'oops=', then customers are advised to contact the PostNuke Security Team: http://forums.postnuke.com/index.php?module=vpContact |
|
 Privacy Statement |
