Re: Worm "Santy.C" problem for TikiWiki?

Development

Forum List Topic List

Posted by jburley 28 Dec 2004 18:55 GMT-0000 posts: 6 ☆ ☆ United States

Just to clarify.... based on the given info about the worm:
"It targets ANY .PHP page/script vulnerable to a remote file inclusion
(programming) flaw these vulnerabilities are independent from the PHP version, they result from common coding mistakes"

TW does, in fact, have these "common coding mistakes" in there by default?

Is there a certain string I can grep for to try and help commit some fixes?

Or, damian, do you mean that if a user took the codebase and added their own custom code/plugins, they can open themselves up to attack?

Reads: 551

Link

There are no comments at this time.

Jump to forum:

1)	18 Apr 2024 14:00 GMT-0000 Tiki Roundtable Meeting
2)	16 May 2024 14:00 GMT-0000 Tiki Roundtable Meeting
3)	20 Jun 2024 14:00 GMT-0000 Tiki Roundtable Meeting
4)	18 Jul 2024 14:00 GMT-0000 Tiki Roundtable Meeting
5)	15 Aug 2024 14:00 GMT-0000 Tiki Roundtable Meeting
6)	19 Sep 2024 14:00 GMT-0000 Tiki Roundtable Meeting
7)	08 Oct 2024 Tiki birthday
8)	17 Oct 2024 14:00 GMT-0000 Tiki Roundtable Meeting
9)	21 Nov 2024 14:00 GMT-0000 Tiki Roundtable Meeting
10)	19 Dec 2024 14:00 GMT-0000 Tiki Roundtable Meeting

...more

Development