The secure CMS.
Forum Menu
Resources
Topics
- Home
- Development (317)
- Geeklog (209)
- Plugins (111)
- Themes (2)
- News (387)
- Announcements (248)
- Geeklog.net (31)
- Security (76)
- Spam (11)
- Summer of Code (27)
User Functions
Events
There are no upcoming events
What's New
Stories
1 new Stories in the last 2 weeksComments last 2 weeks
No new commentsTrackbacks last 2 weeks
No new trackback commentsLinks last 2 weeks
No recent new linksNEW FILES last 14 days
No new filesWelcome to Geeklog Saturday, May 25 2013 @ 04:53 AM EDT
|
||||||||
 |
Forum Index > Development & Coding > Geeklog |
New Topic
|
Post Reply
|
 Exploit published on milw0rm for |
|||
| Anonymous: tito |
|
||||||
|
|
Hi, i've seen this post today, and i don't find any subject on forum... For information :
http://www.milw0rm.com/exploits/6306 ++tito; |
||||||
|
|||||||
| Dirk |
|
||||||
 Admin  Status: offline  Registered: 01/12/02 Posts: 13027 |
Patience, please - I've only seen this a couple of minutes ago myself.
At first glance, this seems to rely on certain versions of FCKeditor. The URL used in that script doesn't exist in Geeklog 1.5.0, so at least for 1.5.0 this doesn't work. More later ... bye, Dirk |
||||||
|
|||||||
| Yeraze |
|
||||||
  Newbie Status: offline  Registered: 02/19/06 Posts: 10 |
The file _does_ exist on my install.. I had 1.4 previously and upgraded. While the file doesn't exist in a 1.5 clean, it does existin a 1.4 upgrade it seems.
I simply erased my entire fckeditor directory and copied it from the 1.5 public_html again, so I'm hoping I'm patched now. |
||||||
|
|||||||
| Dirk |
|
||||||
|
Admin Status: offline Registered: 01/12/02 Posts: 13027 |
When upgrading, the recommendation is to remove all the old files first - exactly for cases like this, where the file was removed from newer versions.
In 1.5.0, there's an upload script (within FCKeditor) in a different location. So I guess in theory this should also work on 1.5.0 if you changed the URL. I say in theory because I couldn't get it to work, neither with 1.4.1 nor 1.5.0. For the moment, though, it probably can't hurt to disable the upload in FCKeditor entirely - or remove the public "fckeditor" directory. On 1.4.1, edit public_html/fckeditor/editor/filemanager/upload/php/config.php On 1.5.0, edit public_html/fckeditor/editor/filemanager/connectors/php/config.php In both cases, find the line that reads PHP Formatted Code $Config['Enabled'] = true ;PHP Formatted Code $Config['Enabled'] = false;Note: Since this exploit does try to access FCKeditor directly, it won't matter if you have the "Advanced Editor" enabled in Geeklog or not. Do the above in any case. We're still looking into the issue and let you know when we find anything. Anyone wanting to provide more information, please do so at our security contact address. Thanks. bye, Dirk |
||||||
|
|||||||
| Anonymous: RichardBKK |
|
||||||
|
|
The temp solution is pretty simple, disable advanced editor and change permission to the fckeditor folder....
I'm sure that Dirk and other members of Geeklog will come up with a more permanent solution... Richard |
||||||
|
|||||||
| DubiousChrisJ |
|
||||||
|
Regular Poster  Status: offline Registered: 05/10/05 Posts: 114 |
How easy it is depends on how many instances of GL you have running...I sincerely hope I don't have to go chase through every installation looking for that. I tried to update to 1.5 previously, and couldn't get the upgrade to work, so rolled back. I'll be watching anxiously... :pray:
Luhme summa dat GL. |
||||||
|
|||||||
| gulftech |
|
||||||
|
Newbie Status: offline Registered: 02/17/06 Posts: 1 |
One thing I do see is that the extensions seem to be filtered, so as far as I can tell this can't be used to upload "illegal" file types. However, I m saying this by just looking at the code, I haven't tested the filetypes yet.
Edit: Edited the post containing 1.5 path info since i now see dirk already posted it on page 1. |
||||||
|
|||||||
08/25/08 12:42PM (Read 1831 times)
Quote| Content generated in: 1.38 seconds |
|
|
|
