Quote:
Originally Posted by Cooleyvol
First off, I'm placing blame at no one's feet.
TSW has had only one league affected out of our 14 leagues easily linked from any league on our network. That league is an OOTP league that runs Getch's utility.
Is it the only OOTP league we have that runs Getch's stuff? No, but its one of only two.
In my experience CMS are notorious for security holes, so I'd surmise that most of those affected were hit b/c of the CMS running the sites on Fidel's space, but it seems that there's a window in through Getch's utilities. We don't use CMS and have vBulletin, so I'm guessing since those windows were closed, the only other vulnerability left for us was Getch's utility.
I just reupped the index page of our affected site and all is well again, but I will check with that other league running Getch to see if they've seen this as well.
|
FYI, I don't use a CMS, my forum is SMF, and we're not hosted by Fidel. But, we do use Getch's utils. I'd probably shut the league down without them. lol. But if they are allowing access to unsavory types, I'd hope Getch could identify how and fix it. Not saying that I'm blaming anything either. Just saying.