• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Warning: OpenX backdoor (is your adserver compromised?)

Walter

Well-known member
#1
As I know that the OpenX advertising script is pretty popular amongst forum admins:

Juergen Schmidt from Heise.de has detected that OpenX 2.8.10 contains a backdoor (!). OpenX today has released a new version 2.8.11 that is fixed:
http://forum.openx.org/index.php?showtopic=503521628

How to upgrade your installation:
http://www.openx.com/docs/upgrading-openx

How to secure your installation:
http://blog.openx.org/09/security-update-how-to-secure-your-openx-installation/
(but of course that doesn't help anything against a backdoor in the ZIPs you download from the original website sigh)

How to detect if your system contains the backdoor:
Use
Code:
find . -name \*.js -exec grep -l '<?php' {} \;
to look for a Javascript file. If the file contains something like
Code:
this.each(function(){l=flashembed(this,k,j)}<?php /*if(e)
{jQuery.tools=jQuery.tools||{version:
{}};jQuery.tools.version.flashembed='1.0.2';
*/$j='ex'./**/'plode'; /* if(this.className ...
you have found the backdoor.

But in any case, upgrade to 2.8.11!
 

dutchbb

Well-known member
#2
Glad I read your earlier threads about OpenX and learned about Google DoubleClick so I don't have to worry about this **** anymore.
 
Last edited by a moderator:

Andy.N

Well-known member
#3
Same here. I read Walter posts years ago about openx exploits when i still using the system. I moved to dfp soon after that.
Surprised he still puts up with that software