George Theall on 18 Jan 2005 13:32:18 -0000



Re: [PLUG] Re: Websites Defaced, any advice?


On Tue, Jan 18, 2005 at 01:30:44AM -0500, Tom Diehl wrote:

> Just a thought, do you have "register_globals = On" in your php.ini?? 

That wouldn't stop this particular attack, Tom.  The problem is that
TikiWiki allows (in vulnerable versions at least) anyone to upload any
file they want as an "image" into a specific location within the
document root and then access that file; upload a PHP file and it will
be executed when accessed.  Simple as that. 


George
-- 
theall@tifaware.com


___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug