SECURITY ALERT [Intégré]
Please remove script links/trackback.php
manually from your server
Propriétaire | Bernard Paques |
Avancement | |
Workflow | Besoin d'aide |
Statut | La solution a été intégrée |
We have been reported one site running YACS 7.2 hacked. The root case analysis has shown repeated attacks on the aforementioned script. Flaws identified here have been fixed in the archive 7.3alpha19 released on March-20.
If you can't or don't want to move to this new version, the simplest way to protect your server is to manually remove the script
A safer version will be automatically re-installed during a next update to 7.3, so you won't have to do something specific on this after the removal.
If you can't or don't want to move to this new version, the simplest way to protect your server is to manually remove the script
links/trackback.php
with the limited drawback of not accepting trackback requests for some time.A safer version will be automatically re-installed during a next update to 7.3, so you won't have to do something specific on this after the removal.