Thread: Sugar vulnerabilities??

  1. #1
    Syfa is offline Member
    Join Date
    Jul 2010
    Posts
    6

    Default Sugar vulnerabilities??

    Hi Peops,

    New on here but have used the forum for pointers right from the word go - so thank you!

    I have had Sugar installed on my Host now for about 3 months - we are trialling it in our company and are considering buying aspects etc.... I am quite taken with the functionality and the fact it makes it crystal clear to monitor my co-workers etc.

    Since I have installed it I have been hit twice by Virii ON my host. Prior to this I have been with the same host with no other changes for about 5 years now!

    To get two hits in less than 2 months has really got me worried now and I wondered if it could be a patch or known vulnerability I have missed off? One was a basic redirect - but the second was massive and it rewrote EVERY php file in my Home Dir with encrypted coding - offering all my customers spyware.

    As you can imagine I had to take my sites down immediately - it is repaired but how did it happen? I would be really grateful if anyone has come across this before or has any advice!

    Many thanks

  2. #2
    Syfa is offline Member
    Join Date
    Jul 2010
    Posts
    6

    Default Re: Sugar vulnerabilities??

    Oops - it is Sugar CE-5.5.1

  3. #3
    Syfa is offline Member
    Join Date
    Jul 2010
    Posts
    6

    Unhappy Re: Sugar vulnerabilities??

    Is my question that bad?

  4. #4
    REByers is offline Sugar Community Member
    Join Date
    Oct 2007
    Location
    North West England
    Posts
    182

    Default Re: Sugar vulnerabilities??

    From my experience Sugar is no more or less vulnerable than any other PHP web app.

    It's more down to your securing of the server, firewall and AV setup than anything else.

    If you don't secure your boxes then they would be wide open, no matter what site you have running.

  5. #5
    joshh is offline Member
    Join Date
    Apr 2010
    Posts
    12

    Default Re: Sugar vulnerabilities??

    If someone gets your Sugar admin password then they can upload and run any malicious PHP code that they want using Module Loader. If you don't have a strong password for the admin user you leave a pretty big opening.

  6. #6
    Syfa is offline Member
    Join Date
    Jul 2010
    Posts
    6

    Default Re: Sugar vulnerabilities??

    Thank you guys - I will double check and change regardless - I have been hit AGAIN. Now EVERY PHP file on the site has been hit.
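
Added example, not part of the original thread or of Sugar's own code: a way to scope the kind of mass PHP rewrite described above by hashing the live install against a pristine copy of the same release (here Sugar CE-5.5.1, extracted from the official archive) and flagging files that contain a decode-then-execute pattern. The two directory arguments, the function names and the regular expression are assumptions made for this illustration.

```python
import hashlib
import re
from pathlib import Path

# Heuristic (an assumption of this example) for the "encrypted coding" symptom:
# a dynamic-execution call fed directly by a decoder function.
OBFUSCATED = re.compile(
    rb"(eval|assert)\s*\(\s*(base64_decode|gzinflate|gzuncompress|str_rot13)\s*\(", re.I)

def hash_tree(root):
    """Map each PHP file's path (relative to root) to its SHA-256 digest."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*.php")) if p.is_file()
    }

def compare(clean_root, live_root):
    """Diff the live install against a pristine copy of the same release."""
    clean, live = hash_tree(clean_root), hash_tree(live_root)
    return {
        "modified": sorted(f for f in live if f in clean and live[f] != clean[f]),
        "added": sorted(f for f in live if f not in clean),
        "missing": sorted(f for f in clean if f not in live),
    }

def suspicious(live_root):
    """List PHP files that contain a decode-then-execute pattern."""
    root = Path(live_root)
    return sorted(
        p.relative_to(root).as_posix()
        for p in root.rglob("*.php")
        if p.is_file() and OBFUSCATED.search(p.read_bytes())
    )

if __name__ == "__main__":
    import sys
    clean_dir, live_dir = sys.argv[1], sys.argv[2]  # pristine copy, live web root
    for kind, files in compare(clean_dir, live_dir).items():
        print(f"{kind}: {len(files)}")
        for name in files:
            print(f"  {name}")
    print("decode-then-execute pattern:", suspicious(live_dir))
```

Files the site owner changed on purpose (configuration, customisations, installed modules) also appear as modified or added, so the report is a list to review rather than a verdict. Files that exist only on the live side are the ones to check first when Module Loader uploads are the suspected entry point.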
