Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Hacking of customer table


J.Kjoller

Recommended Posts

Hi

 

Last night, all of our customers got a mail With the titel "x. xyyyyyy, our website attacked from your system. Immediately take charge of the your computer !"

 

I am afriad that someone hacked our customer base, is there any known security issues, on that part?

 

The version is v2.2 RC2

Link to comment
Share on other sites

Hi

 

Last night, all of our customers got a mail With the titel "x. xyyyyyy, our website attacked from your system. Immediately take charge of the your computer !"

 

I am afriad that someone hacked our customer base, is there any known security issues, on that part?

 

The version is v2.2 RC2

 

Hi

 

Have you applied all the security tips here?

http://www.oscommerce.com/forums/forum/76-security/

 

First thread at the top of page.

 

Please keep us posted, thanks.

Link to comment
Share on other sites

Sorry my bad, i did that when i enabled the .access.

 

Would it make any sense, to upgrade to 3.0.1, or would i have to go through the entier process anyway?

 

Rename your admin folder and add the security PRO contribution, first.

Link to comment
Share on other sites

Sorry my bad, i did that when i enabled the .access.

 

Would it make any sense, to upgrade to 3.0.1, or would i have to go through the entier process anyway?

 

V2.3.1 is the recommended version to be on now.

Link to comment
Share on other sites

Could be related to this?

http://www.1337day.com/exploits/15353

- Stop Oscommerce hacks dead in their tracks with osC_Sec (see discussion here)
- Another discussion about infected files ::here::
- A discussion on file permissions ::here::
- Site hacked? Should you upgrade or not, some thoughts ::here::
- Fix the admin login bypass exploit here
- Pareto Security: New security addon I am developing, a remake of osC_Sec in PHP 5 with a number of fixes
- BTC:1LHiMXedmtyq4wcYLedk9i9gkk8A8Hk7qX

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...