2 Sep 23:09
Heads up! A 0-day security exploit
From: Juanan Pereira <chessy@...>
Subject: Heads up! A 0-day security exploit
Newsgroups: gmane.comp.cms.tiki.devel
Date: 2006-09-02 21:13:31 GMT
Subject: Heads up! A 0-day security exploit
Newsgroups: gmane.comp.cms.tiki.devel
Date: 2006-09-02 21:13:31 GMT
Heads up! A 0-day security exploit for Tikiwiki is online. I've probe it against my localhost machine based on a Tiki 1.9 and then in a Tiki CVS HED and it works in both cases! (glups) I'm not sure if it is a good idea to post here the url for the exploit... so, please, email me if you want more info, but the exploit it's related to a jhot.php (located in $_SERVER['DOCUMENT_ROOT'] of our tikiwikis). I've deleted that file and now the exploit fails. Hope it helps... Juanan Pereira ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
RSS Feed