[pmwiki-users] Vulnerability being exploited
Hsing-Foo Wang
hsingfoo at gmail.com
Sat Dec 23 04:35:20 CST 2006
Something is really going wrong here.... pmwiki.org is down, is it related?
-HF
On 12/22/06, Wade Hudson <whudson at igc.org> wrote:
>
> Dear pmwiki users:
>
> On my site, a vulnerability is being exploited on the top-level script.
> About ten times a day, I receive spam that includes a number as the username
> and then has "@users.hostname.net" as the domain name.
> My web host tells me:
>
>
> The mail logs suggest that this message was indeed generated on our Web
> server, and the web logs turn up... something that looks like the (ab)use of
> a script on your own site, corresponding to the message time exactly:
>
> 193.108.252.170 - - [20/Oct/2006:14:51:12 -0700] "POST /pmwiki.php
> HTTP/1.1" 302 16 "http://sitename/pmwiki.php" "Mozilla/5.0 (Windows; U;
> Windows NT 5.0; en-US; rv:1.0rc3) Gecko/20020523"
>
> You need to close the exploit one way or another. We've had to disable Web
> scripts recently because they were being used for massive spamming and were
> bringing our whole Web server down, so it's probably just a matter of time
> before yours is more aggressively exploited.
>
> Looking more closely, the URL that's getting used is just /pmwiki.php,
> which is the central top-level script for the site.
>
> I am a relative novice. A friend set this site up for me. I think I know
> how to upload files to the site using WinSCP, which is configured to connect
> to the website when I log in, but that's about it. I could edit a particular
> file with precise instructions. So please be as simple and step-by-step as
> you can with your advice.
>
> Also, if one of you might be available for one-on-one guidance, that might
> be helpful, unless what I need to do is very easy.
>
> Thanks,
> Wade
>
>