[pmwiki-users] pmwiki exploit

Joachim Durchholz jo at durchholz.org
Tue Sep 5 09:13:36 CDT 2006

Simone Rota schrieb:
> A pmwiki exploit is reported here:
> http://isc.sans.org/diary.php?storyid=1672
> it appears only to affect systems with register_globals on

The bad news is that the people who're exploiting this are also trying 
to exploit kernel vulnerabilities and gain root access.

The good news (beyond the register_globals hack) is that it isn't 
reported for PmWiki above 2.1.19.

The problem is that it's a single report, which is based on anonymous 
sources, so it could be a red herring. If it's a valid alarm, it doesn't 
give details about the actual security holes involved, so fixing them 
could take more effort and time than usual.

My priority list:
1) Disable register_globals where I can,
2) upgrade to PmWiki-latest (2.1.21) where I cannot, and
3) disable PmWiki on those servers that really, really need to be
    secure, until PM comes around with a fuller analysis of the
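
Step 1 of the list above depends on knowing which servers actually have register_globals on. The following audit script is an added example written for this thread, not code from PmWiki or from the original poster. It assumes you pass php.ini paths as arguments; it treats the last uncommented `register_globals` directive as the effective one (as PHP does), and an absent directive as Off, which has been PHP's built-in default since 4.2. It does not see per-directory overrides such as `php_flag register_globals on` in an Apache `.htaccess`, so `php -i | grep register_globals` on the server remains the authoritative check of the runtime value.

```shell
#!/bin/sh
# Added example (not from the pmwiki-users thread or PmWiki itself): audit
# php.ini files for an effective register_globals=On before trusting step 1.
# Exit status 0 means register_globals is Off; 1 means On or unreadable.

# Extract the effective register_globals value, lower-cased and with inline
# comments and quotes stripped. The last uncommented directive wins, which is
# how PHP resolves a directive that appears more than once.
register_globals_value() {
    grep -i '^[[:space:]]*register_globals[[:space:]]*=' "$1" 2>/dev/null \
        | tail -n 1 \
        | sed -e 's/^[^=]*=//' -e 's/;.*$//' -e 's/"//g' \
              -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' \
        | tr 'A-Z' 'a-z'
}

# Report the verdict for one php.ini file and return 0 (Off) or 1 (On/unknown).
check_register_globals() {
    ini="$1"
    [ -r "$ini" ] || { echo "$ini: cannot read file"; return 1; }
    value=$(register_globals_value "$ini")
    case "$value" in
        on|1|true|yes)
            echo "$ini: register_globals is ON -> disable it (step 1) or upgrade PmWiki (step 2)"
            return 1 ;;
        ""|off|0|false|no|none)
            echo "$ini: register_globals is Off (value '${value:-unset}', PHP default is Off)"
            return 0 ;;
        *)
            # Anything unrecognised is treated as a finding rather than silently passed.
            echo "$ini: unexpected register_globals value '$value', treat as ON"
            return 1 ;;
    esac
}

# Constructed sample php.ini fragments for trying the checker offline.
# These are made up for the example, not real server configuration.
write_samples() {
    dir="$1"
    # A commented-out Off followed by a live On with a trailing comment.
    cat > "$dir/php.ini.bad" <<'EOF'
; register_globals = Off
[PHP]
register_globals = On   ; legacy app needs it
EOF
    # An explicit, quoted Off.
    cat > "$dir/php.ini.good" <<'EOF'
[PHP]
register_globals = "Off"
EOF
    # Only a commented line: PHP falls back to its built-in default (Off).
    cat > "$dir/php.ini.unset" <<'EOF'
;register_globals = On
EOF
}

# When run directly with file arguments, audit each one; exit 1 if any is On.
if [ "$#" -gt 0 ]; then
    rc=0
    for f in "$@"; do
        check_register_globals "$f" || rc=1
    done
    exit "$rc"
fi
```

Run it as `sh check_register_globals.sh /etc/php.ini /etc/php5/apache2/php.ini` (paths are examples; use the file your PHP build actually loads, which `php --ini` prints). A non-zero exit status marks a host for step 1 or step 2 of the list.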


