JayDub Posted March 21, 2006 Posted March 21, 2006 I just got a "Bank of America" email (one of the most common banks that are phished) and - lo and behold - the fake page pointed to a OSCommerce site. The email goes to: http://compromisedsite.com/pub/.acct.secur...oa.upgrade/boa/ (Obviously I modified the name of the site in this posting.) I am assuming that the phisher took advantage of the default 777 permission on pub and some other misconfiguration allowed the phisher to dump files into the directory (or possibly he just had an account on the same server in a shared hosting environment?) Nevertheless, on perusing the forums here it appears that a few other oscommerce users have had similar problems. Doesn't it make sense for the osc installation to prevent this at the outset by restricting default permissions?
AlanR Posted March 21, 2006 Posted March 21, 2006 Doesn't it make sense for the osc installation to prevent this at the outset by restricting default permissions? Unfortunately it's not so simple. Well set up servers will allow one to set permissions in a sensible, restrictive fashion, but some servers are set up in such a way that certain folders just must have world write privileges for the system to function. Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.