Security issue

  • Resolved Komenda1

    (@komenda1)


    10 years, 8 months ago

    Our site komenda1.skavt.net recently had enormous amount of “attacks” to specific file: xmlprc.php in NextGen plugin directory.
    It created a 30GB log file in a week or so. Here it is a quick preview of a log file:

    [Thu Oct 08 11:58:10.706838 2015] [:error] [pid 21669] [client 66.249.64.213:53632] PHP Warning: Illegal string offset ‘saved’ in /srv/htdocs/users.skavt.net/komenda1/www/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_data/package.module.nextgen_data.php on line 2486
    [Thu Oct 08 11:58:10.707035 2015] [:error] [pid 21669] [client 66.249.64.213:53632] PHP Warning: Illegal string offset ‘saved’ in /srv/htdocs/users.skavt.net/komenda1/www/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_data/package.module.nextgen_data.php on line 2486
    [Thu Oct 08 11:58:10.707064 2015] [:error] [pid 21669] [client 66.249.64.213:53632] PHP Warning: Illegal string offset ‘saved’ in /srv/htdocs/users.skavt.net/komenda1/www/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_data/package.module.nextgen_data.php on line 2486
    [Thu Oct 08 11:58:10.707085 2015] [:error] [pid 21669] [client 66.249.64.213:53632] PHP Warning: Illegal string offset ‘saved’ in /srv/htdocs/users.skavt.net/komenda1/www/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_data/package.module.nextgen_data.php on line 2486

    and so on…
    [Thu Oct 08 12:35:29.989510 2015] [:error] [pid 28127] [client 194.0.59.55:41636] PHP Warning: Illegal string offset ‘saved’ in /srv/htdocs/users.skavt.net/komenda1/www/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_data/package.module.nextgen_data.php on line 2486
    [Thu Oct 08 12:35:29.989525 2015] [:error] [pid 28127] [client 194.0.59.55:41636] PHP Warning: Illegal string offset ‘saved’ in /srv/htdocs/users.skavt.net/komenda1/www/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_data/package.module.nextgen_data.php on line 2486

    and so on…

    Our tehnical support found out, that it is something wrong with file in:
    /wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_data/package.module.nextgen_data.php
    since we were not the only one with this kind of problem. They said they fixed a problem, bit it will be overwritten with next NextGen plugin update. Here is what they did:
    file: komenda1/www/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_data/package.module.nextgen_data.php
    line: 2485
    before fix: if (i!isset($meta['saved'])) {
    after fix: if (is_array($meta) && !isset($meta['saved'])) {

    They said it is something with array checking. I am not familiar with this kind of stuff, so there is everything I can tell you.
    Before we hard-coded this, we tried disabling/updating all other plugins and changing user passwords(we only have two users). No success.

    Please, can someone check this issue, there is a way that our site will be disabled if we don’t figure it out.
    Thanks

    https://ww.wp.xz.cn/plugins/nextgen-gallery/

Viewing 12 replies - 1 through 12 (of 12 total)
  • Plugin Contributor photocrati

    (@photocrati)

    10 years, 8 months ago

    @komenda1 – Thanks for letting us know about this … I’ll have our developers review it as soon as possible.

    – Cais.

    Plugin Contributor photocrati

    (@photocrati)

    10 years, 8 months ago

    @komenda1 – PS: Are you using the Lightroom plugin for NextGEN Gallery to upload your images?

    – Cais.

    Thread Starter Komenda1

    (@komenda1)

    10 years, 8 months ago

    @photocrati
    No. We have four plugins:
    Subscribe2
    Really Simple Share
    NextGEN Gallery by Photocrati
    and
    BMo Expo – a WordPress and NextGEN Gallery plugin
    While searching for the cause of this problem, the last (BMo Expo) and all other plugins were disabled, so I am sure it is NextGEN.

    I upload photos/galleries with default NextGEN plugin interface. Sometimes I use FTP, but mostly just “Upload Images” or “Import Folder”.

    – There are only two users with new passwords.
    – Commenting is disabled.

    Thank you for your help, hope we will solve this issue.

    Plugin Contributor photocrati

    (@photocrati)

    10 years, 8 months ago

    @komenda1 – We are reviewing this but what you are reporting is *not* a security issue but an error message issue.

    Thanks for the update!

    – Cais.

    Thread Starter Komenda1

    (@komenda1)

    10 years, 8 months ago

    @photocrati

    Ok, good, let me know, hope you can manage to discover the problem.

    As I said, I’m not an expert so I can’t say what it is or why it is. But, I need to write something on topic title, so this seemed the closest title to what I knew.

    Thanks, Domen.

    Plugin Contributor photocrati

    (@photocrati)

    10 years, 7 months ago

    @komenda1 – Thanks, we should have this sorted out in the next release of NextGEN Gallery.

    – Cais.

    Thread Starter Komenda1

    (@komenda1)

    10 years, 7 months ago

    Thank you!

    Plugin Contributor photocrati

    (@photocrati)

    10 years, 7 months ago

    @komenda1 – You’re welcome!

    – Cais.

    Thread Starter Komenda1

    (@komenda1)

    9 years, 9 months ago

    Hello.
    Again me, same problem: error on server side:
    PHP Warning: Illegal string offset ‘saved’ in …/www/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_data/package.module.nextgen_data.php on line 2543″

    I’m not a programmer si I don’t know, but our technical support did say something about checking property existance and accesing them, but that is not a thing I can help.

    I’ve had this same problem a couple of times meanwhile. So, I am using your free version of plugin, meaning I understand I can’t really “make any terms”, but if this errors keep showing on, I will have to unninstal this plugin from my pages. I know it is just 6 pages less for you, but still, I would rather have simpler and more reliable plugin.

    Hope you manage to fix this really soon, our site is partially down in the meantime.
    Thanks, Domen.

    Plugin Contributor photocrati

    (@photocrati)

    9 years, 8 months ago

    @komenda1 – If this issue is persisting then it may be best to send us a Bug Report ((https://imagely.com/report-bug/ … please reference this topic)) so we can have a closer look at your site.

    Please include as many details as you can about your site and the issue at hand so we can move on this as fast as possible.

    Thanks!

    – Cais.

    Thread Starter Komenda1

    (@komenda1)

    9 years, 8 months ago

    Done.

    Plugin Contributor photocrati

    (@photocrati)

    9 years, 8 months ago

    @komenda1 – Thanks! I have sent a reply earlier today. Let’s keep the conversation in the Bug Report for the time being.

    – Cais.

Viewing 12 replies - 1 through 12 (of 12 total)

The topic ‘Security issue’ is closed to new replies.

Tags