| To: | bugtraq@securityfocus.com |
|---|---|
| Subject: | Critical phpwiki c99shell exploit |
| From: | rurban@x-ray.at |
| Date: | 12 Apr 2007 13:14:14 -0000 |
| Delivered-to: | sp-com-lists@consult.net |
| Delivered-to: | bugtraq-list@securepoint.com |
| Delivered-to: | mailing list bugtraq@securityfocus.com |
| Delivered-to: | moderator for bugtraq@securityfocus.com |
| List-help: | <mailto:bugtraq-help@securityfocus.com> |
| List-id: | <bugtraq.list-id.securityfocus.com> |
| List-post: | <mailto:bugtraq@securityfocus.com> |
| List-subscribe: | <mailto:bugtraq-subscribe@securityfocus.com> |
| List-unsubscribe: | <mailto:bugtraq-unsubscribe@securityfocus.com> |
| Mailing-list: | contact bugtraq-help@securityfocus.com; run by ezmlm |
Via the Phpwiki 1.3.x UpLoad feature some hackers from russia uploaded a php3 or php4 file, install a backdoor at port 8081 and have access to your whole disc and overtake the server. A url in the file is http://ccteam.ru/releases/c99shell The uploaded file has a php, php3 or php4 extension and looks like a gif to the mime magic. So apache usually accepts it. To fix this phpwiki issue at first move the lib/plugin/UpLoad.php file out of this directory. You can fix it by adding those two lines to your list of disallowed extensions: php3 php4 Currently only "php" is disallowed. |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | CVE-2007-1872: Cross site scripting in toendaCMS 1.5.3, Hanno Böck |
|---|---|
| Next by Date: | [security bulletin] HPSBST02206 SSRT071354 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-014, security-alert |
| Previous by Thread: | CVE-2007-1872: Cross site scripting in toendaCMS 1.5.3, Hanno Böck |
| Next by Thread: | Re: Critical phpwiki c99shell exploit, Gadi Evron |
| Indexes: | [Date] [Thread] [Top] [All Lists] |