Plone vulnerability being exploited on unpatched installations

Submitted by Tom Kephart on Sun, 02/24/2008 - 7:38pm.

Trend Micro's Juan Castro reports today that a vulnerability in Plone, discovered in November 2007 by AusCERT, has cropped up on a number of sites. The exploit uses a technique called "Doorway Pages" and redirects visitors to pages that then download malware to the visitor's computer. Castro's analysis is that someone is using the vulnerability discovered by AusCERT as a redirector to hijack traffic and possibly infect computers.

The vulnerability was addressed in Plone's version 3.0.3 and legacy version 2.5.5. If you're using Plone for any of your CMS-based websites, make sure your installation is patched to the current version, which is 3.0.6, or to the latest legacy version, which is 2.5.5.

Bookmark/Search this post with:

Post new comment

Your name: *

E-mail: *

The content of this field is kept private and will not be shown publicly.

Homepage:

Subject:

Comment: *

Input format

Filtered HTML

Web page addresses and e-mail addresses turn into links automatically.
Allowed HTML tags: <a> <b> <address> <blockquote> <br> <caption> <center> <code> <dd> <del> <div> <dl> <dt> <em> <font> <h2> <h3> <h4> <h5> <h6> <hr> <i> <img> <li> <ol> <p> <pre> <span> <strong> <sub> <sup> <table> <tbody> <td> <tfoot> <th> <thead> <tr> <u> <ul> <tr>
Lines and paragraphs break automatically.

Pingback format

Web page addresses and e-mail addresses turn into links automatically.
Lines and paragraphs break automatically.
Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>

More information about formatting options

CAPTCHA

This question is for testing whether you are a human visitor and to prevent automated spam submissions.