Plone vulnerability being exploited on unpatched installations

Submitted by Tom Kephart on Sun, 02/24/2008 - 7:38pm.

Trend Micro's Juan Castro reports today that a vulnerability in Plone, discovered in November 2007 by AusCERT, has cropped up on a number of sites. The exploit uses a technique called "Doorway Pages" and redirects visitors to pages that then download malware to the visitor's computer. Castro's analysis is that someone is using the vulnerability discovered by AusCERT as a redirector to hijack traffic and possibly infect computers.

The vulnerability was addressed in Plone's version 3.0.3 and legacy version 2.5.5. If you're using Plone for any of your CMS-based websites, make sure your installation is patched to the current version, which is 3.0.6, or to the latest legacy version, which is 2.5.5.

Bookmark/Search this post with:

Post new comment

Your name: *

E-mail: *

The content of this field is kept private and will not be shown publicly.

Homepage:

Subject:

Comment: *

Input format

Filtered HTML

Web page addresses and e-mail addresses turn into links automatically.
Allowed HTML tags: <a> <b> <address> <blockquote> <br> <caption> <center> <code> <dd> <del> <div> <dl> <dt> <em> <font> <h2> <h3> <h4> <h5> <h6> <hr> <i> <img> <li> <ol> <p> <pre> <span> <strong> <sub> <sup> <table> <tbody> <td> <tfoot> <th> <thead> <tr> <u> <ul> <tr>
Lines and paragraphs break automatically.

Pingback format

Web page addresses and e-mail addresses turn into links automatically.
Lines and paragraphs break automatically.
Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>

More information about formatting options

CAPTCHA

This question is for testing whether you are a human visitor and to prevent automated spam submissions.

New Tech Heroes

Navigation

Thought provoking

Tag cloud

Plone vulnerability being exploited on unpatched installations

Post new comment

New Tech Heroes

Popular content

Today's:

All time:

Blogroll

CMS versions