Jump to content
jerry2

Exploit in Revive Adserver?

Recommended Posts

Is there any new exploit in Revive Adserver 3.2.4? Some script or something is putting prepend script to our ads and removing them few hours later. They log in in audit log as me, but the password is impossible to guess and the scripts are intact on the revive folder, server seem not to be compromised...

Any ideas?

Edited by Erik Geurts
Corrected product name spelling

Share this post


Link to post
Share on other sites

Yes today I canhged password. This logins started happening at the end of february, is it possible somebody exploited some old backdoor to get password? I'll see if it will happen again now, but I would like to know how they got my password in the first place. So was there some exploit before end of february that could get the attacker password?

I don't know what this JS iframes did, as I didn't get infected by browsing my website and I did that a lot...

Share this post


Link to post
Share on other sites

I cannot tell you how they have gotten your password(s).

Those JS-iframes can be vicious, but you should be fine if you applied your browser patches/updates. The ones I have seen are mostly targeted on older IE versions.

Share this post


Link to post
Share on other sites

Just a reminder as well to anyone following - if you've upgraded from a version that was older, it's possible the instance was already compromised - simply upgrading doesn't mean that someone who already has access will now no longer have access. There are specific steps you'll need to take if you've been compromised.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.




×
×
  • Create New...