Mambo Hosts, Be Aware of Hackers

Netcrat warned that hackers are actively seeking out unpatched versions of the Mambo content management system (CSM), which recently repaired a serious security hole. The latest exploit attempts target a different vulnerability than the Mare.D worm, which grabbed headlines last month but apparently did limited damage to Mambo sites. Sites running on Mambo should upgrade to the latest version as soon as possible.

Threee weeks ago a company called GulfTech Security Research announced vulnerabilities in Mambo that could allow a server compromise by a remote attacker, including several methods of an SQL injection attack. The company has also found a way for attackers to use Mambo’s file inclusion features to breach system security. Last July Bercegay discovered a weakness in XML-RPC libraries used by numerous PHP-based blogging and content management apps.

More on Netrcraft’s web site, thanks to Rich Miller.

About the Author

Dimitar A.
Dimitar is founder of the global Cloud & Infrastructure Hosting provider HostColor.com & European Cloud IaaS company RAX. He has two Decades-long experience in the web hosting industry and in building and managing Cloud computing infrastructure and IT ecosystems. Dimitar is also political scientist who has published books "The New American State" and "The New Polity". "The New American State" is one of the best current political books. It is focused on the change of the American political process. It offers a perspective on how the fourth industrial revolution, also called the Digital Revolution and Industry 4.0, marks the beginning of an era of deterritorialization.