[pmwiki-users] pmwiki exploit
Joachim Durchholz
jo at durchholz.org
Tue Sep 5 09:13:36 CDT 2006
Simone Rota wrote:
> A pmwiki exploit is reported here:
>
> http://isc.sans.org/diary.php?storyid=1672
>
> it appears only to affect systems with register_globals on
The bad news is that the people who're exploiting this are also trying
to exploit kernel vulnerabilities and gain root access.

The good news (beyond the register_globals hack) is that it isn't
reported for PmWiki above 2.1.19.

The problem is that it's a single report, which is based on anonymous
sources, so it could be a red herring. If it's a valid alarm, it doesn't
give details about the actual security holes involved, so fixing them
could take more effort and time than usual.

My priority list:
1) Disable register_globals where I can,
2) upgrade to PmWiki-latest (2.1.21) where I cannot, and
3) disable PmWiki on those servers that really, really need to be
   secure, until PM comes around with a fuller analysis of the
   situation.

YMMV.

Regards,
Jo