Hello
Ok for logs but you know the procedure for reproduce this attack ? The logs are not relevant. Who is admin, who is reseller, who is customer in the logs ?
(07-14-2010 07:38 AM)Alex Joe Wrote: Hello,
Unfortunately, it is possible to compromise the password to the panel and carrying out attack on the server.
IP attacker: 188.249.164 and 62.120.196.147
ISPCP Admin log in attachment. Server logs are destroyed by attacker.
Edit: What was broken on your server ? Just for the record:
Code:
User IP: 188.249.164.80 11.07.2010 14:54 Warning! user |1tech.pl| requested |/reseller/domain delete
php?domain_id=157| with REQUEST_METHOD |GET|
is not a security hole since a login checking is made by all called scripts. It's just warning.
The warn occurs when an user like admin or customer call the reseller/domain_delete.php?domain_id=123 directly for example.
Now, just for security reasons, I'll inspect better but please, provides us more information.
Best regards ;
Search
Member List
Calendar
Help
/
Security hole in ISPCP 1.0.5
