Closed (won't fix)
Project:
Drupal.org site moderators
Component:
Other
Priority:
Normal
Category:
Support request
Assigned:
Unassigned
Reporter:
Created:
4 Dec 2008 at 10:42 UTC
Updated:
29 Apr 2010 at 14:11 UTC
I have sent this to the security team originally, as it is (I think) a security issue. I suppose though that the security team only deals with security issues in core so I guess the webmasters should take a look:
I tried to visit the demo page listed at http://drupal.org/project/cumulus.
The usage of memory became excessive and Kaspersky Internet Security 7 issued this warning:
The requested URL http://dornaboret.com/cache/getfile.php?f=vispdf is infected with Exploit.Win32.Pidief.uo virus
I am not inclined to try it again - Windows reported low Virtual Memory and almost crashed. Please investigate. (I do hope is not just something else that caused a false alarm)
Comments
Comment #1
killes@www.drop.org commentedYou are right that the secuirty team doesn't deal with such stuff (although I don't recall seing your mail there).
Anyway, I don't think there's much to do here:
1) This wouldn't be the first website where some anti virus kit did give a false warning.
2) It also wouldn't be the first time that flash crashed a browser or even computer.
I've just visited the site without any ill effect (being a Linux user, I don't use an anti virus kit, though). the user lut4rp is a respected Drupal contributor and I doubt he'll play any pranks on us. I'll however ask him to look into this.
Comment #2
lut4rp commentedThat demo website is my own personal blog. I don't get any such warning. I suggest you check your computer.
Comment #3
bestknight commentedThank you for your replies after which I tried to visit the demo site again as I am interested in the cumulus project. On loading the page, once again the memory usage went up from around 480MB to 1461MB peak. In the status bar, the same URL http://dornaboret.com/cache/getfile.php?f=vispdf was once again requested but there was no reply for the requested file this time. I do not think it is a problem on my computer - could it be only happening on that particular webpage and be something with my computer? Anyway, I apologise for any inconvenience but please do check the demo site for that particular exploit.
Comment #4
lut4rp commentedI asked one of my friend who uses Avast antivirus on Windows. He too is getting an issue with the same URL you mentioned. But, there's no problem for him if he opens http://pratul.in/tags directly. Only if he clicks the project's demonstration link, he gets the alert.
Can you also try opening the demo link directly?
Comment #5
bestknight commentedJust tried to open it directly (http://pratul.in/tags). I got another warning on a download from the side - download was blocked:
detected: Trojan program Exploit.JS.Pdfka.al URL: http://bibilon.net/con/count.php?o=2//count
Comment #6
kmgflavin commentedI just went to the website, didn't have any problems.
Comment #7
dave reidLinux user here. None of the malicious URLs linked here were present in the source code and I had no problems viewing the site.