You are not logged in.
- Topics: Active | Unanswered
Announcement
#1 2011-09-23 11:15:57
- foscaweb
- New member
- Registered: 2011-04-19
- Posts: 4
Xinha .js and .css files substituded by "sh: java not found"
Today I was surprised to find that our Xinha System was "dead"; the textarea lacked all buttons, in fact it was a mere HTML textarea.
I launched the Firefox error console and find this strange error: "sh: java: not found".
Then I checked the Xinha directory on our Ubuntu server and found thar most important .js and .css files had been replaced by a 131 byte file containing exactly that fake message: "sh: java: not found". The name of the file was preserved.
Luckily I had a backup and could restore all the file missing. Now Xinha seems to work properly again.
But the questione remains: what the hell did happen this morning? Was a hacker attack? Was a virus or worm or something or the like?
Or a Xinha bug?
Did anyone experience such a problem?
Is there a preventive method?
Thanks.
Paolo Bonavoglia
Offline
#2 2011-09-23 20:51:55
Re: Xinha .js and .css files substituded by "sh: java not found"
This issue was identified and protected against 1 year ago in http://trac.xinha.org/ticket/1515
The source of this is...
contrib/compress.php
contrib/compress_yui.php
you should delete these files (or add a .htaccess etc, see the ticket and revision)
James Sleeman
Offline
#3 2011-09-25 16:17:24
- foscaweb
- New member
- Registered: 2011-04-19
- Posts: 4
Re: Xinha .js and .css files substituded by "sh: java not found"
Thanks a lot. 
I followed your advice, and now 30 hours after a second attack, Xinha is functioning properly.
I understand it was a Xinha vulnerability and a hacker attack using it.
Hope there are no other vulnerability dangerous like this.
Paolo Bonavoglia
Offline