spyware infection in phpmyfaq?

dweiss · Post by **dweiss** » Wed Mar 29, 2006 1:35 am

I'm finding that when I pull up PHPMyFaq I have various terms highlighted (in green) and they have been hyperlinked with links similar to the following:

http://new.trafficsector.com/smb/ezula_ ... 0#do_redir

How are these getting into my code? Is this a problem with PHP MyFaq, or one with my machine? If it is my machine, why is it only appearing within the Faq software?

FYI: I've checked the header of the page in question and found the following:

<meta name="robots" content="INDEX, FOLLOW" />
<meta name="revisit-after" content="7 days" />
<meta name="MSSmartTagsPreventParsing" content="true" />

Thanks,

david_de · Post by **david_de** » Wed Mar 29, 2006 2:15 am

Let them know what version you are running.

I have never seen anything like that before in phpMyFAQ.

dweiss · Post by **dweiss** » Wed Mar 29, 2006 2:19 am

Version 1.5

I'm inclined to agree that this isn't necessarily a myfaq problem, but that is where I've found the first appearance of this issue and have not seen it elsewhere yet. Meanwhile, I' running every anti-virus / spyware program I have on the system.

david_de · Post by **david_de** » Wed Mar 29, 2006 2:54 am

There was a vulnerablity in 1.50 http://phpmyfaq.de/advisory_2005-11-18.php 1.54 was put out to replace 1.50. The current stable version is 1.57 It might not hurt to update.

Post by **Thorsten** » Wed Mar 29, 2006 4:28 am

Hi,

you should update to 1.5.7 as soon as possible. It seems that someone found a way to crack old vulnerable versions...

bye
Thorsten

dweiss · Post by **dweiss** » Fri Mar 31, 2006 1:17 am

Thorsten wrote:you should update to 1.5.7 as soon as possible. It seems that someone found a way to crack old vulnerable versions...
Thorsten

I've been holding out for 1.6, any idea how much longer? What is involved in the upgrade process, anyway? Is it just a matter of copying the new files over the old ones, or is there more to it?

david_de · Post by **david_de** » Fri Mar 31, 2006 1:37 am

dweiss wrote: What is involved in the upgrade process, anyway? Is it just a matter of copying the new files over the old ones, or is there more to it?

Not much more. Download the update and open the Docs folder then documentation.en.html it explains everything. I just take out the files that are not needed like template folder then upload what is left overwritting the online files. Then just run the update file. That is the short version read the document for details.