1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Warning: OpenX backdoor (is your adserver compromised?)

Discussion in 'Off Topic' started by Walter, Aug 8, 2013.

  1. Walter

    Walter Well-Known Member

    As I know that the OpenX advertising script is pretty popular amongst forum admins:

    Juergen Schmidt from Heise.de has detected that OpenX 2.8.10 contains a backdoor (!). OpenX today has released a new version 2.8.11 that is fixed:
    http://forum.openx.org/index.php?showtopic=503521628

    How to upgrade your installation:
    http://www.openx.com/docs/upgrading-openx

    How to secure your installation:
    http://blog.openx.org/09/security-update-how-to-secure-your-openx-installation/
    (but of course that doesn't help anything against a backdoor in the ZIPs you download from the original website sigh)

    How to detect if your system contains the backdoor:
    Use
    Code:
    find . -name \*.js -exec grep -l '<?php' {} \;
    to look for a Javascript file. If the file contains something like
    Code:
    this.each(function(){l=flashembed(this,k,j)}<?php /*if(e)
    {jQuery.tools=jQuery.tools||{version:
    {}};jQuery.tools.version.flashembed='1.0.2';
    */$j='ex'./**/'plode'; /* if(this.className ...
    you have found the backdoor.

    But in any case, upgrade to 2.8.11!
     
  2. dutchbb

    dutchbb Well-Known Member

    Glad I read your earlier threads about OpenX and learned about Google DoubleClick so I don't have to worry about this **** anymore.
     
    Last edited by a moderator: Aug 8, 2013
    HWS likes this.
  3. Andy.N

    Andy.N Well-Known Member

    Same here. I read Walter posts years ago about openx exploits when i still using the system. I moved to dfp soon after that.
    Surprised he still puts up with that software
     
  4. HWS

    HWS Well-Known Member

    Using Openx is suicide for your business. This is simply a non secure software.
     
    Forsaken likes this.

Share This Page