Netcrat warned that hackers are actively seeking out unpatched versions of the Mambo content management system (CSM), which recently repaired a serious security hole. The latest exploit attempts target a different vulnerability than the Mare.D worm, which grabbed headlines last month but apparently did limited damage to Mambo sites. Sites running on Mambo should upgrade to the latest version as soon as possible.
Threee weeks ago a company called GulfTech Security Research announced vulnerabilities in Mambo that could allow a server compromise by a remote attacker, including several methods of an SQL injection attack. The company has also found a way for attackers to use Mambo’s file inclusion features to breach system security. Last July Bercegay discovered a weakness in XML-RPC libraries used by numerous PHP-based blogging and content management apps.
More on Netrcraft’s web site, thanks to Rich Miller.