06-03-2006, 02:43 PM | #1 |
forum loafer
|
Remote Privilege Escalation Exploit
FYI, milw0rm is reporting a Remote Privilege Escalation Exploit in PP <= 1.5
http://www.milw0rm.com/exploits/1868 |
06-03-2006, 03:36 PM | #2 |
Team Pixelpost
|
Thx for link.
For now without testing but seeing security whole fast fix looks like: 1) find: PHP Code:
PHP Code:
__________________
My photoblog powered by PixelPost 1.6 dev SVN with mod_rewrite feature and Related Pictures addon Show Category ADDON GeoS No SPAM Template woophy.com - votes are welcome coolphotoblogs.com - feel free to vote |
06-03-2006, 08:41 PM | #3 |
pp veteran
|
In fact, there seem to be three exploits there.
|
06-04-2006, 03:35 AM | #4 |
pixelpost guru
Join Date: Dec 2005
Location: Somewhere in India
Posts: 623
|
Sigh! finally someone else got to it and published...
Fixes are easy - but it is Sunday morning here As for Register Globals = On exploit anyone who runs a server with that setting is doomed anyways
__________________
http://se.nsuo.us - A photoblog of sensual, abstract nudes [may not be work safe for some] My Pixelpost Addons, Cheesecake-Photoblog Software |
06-04-2006, 09:13 AM | #5 |
Team Pixelpost
|
In case of register_globals = On all depends from variables_order which by default is secure:
variables_order = "EGPCS"
__________________
My photoblog powered by PixelPost 1.6 dev SVN with mod_rewrite feature and Related Pictures addon Show Category ADDON GeoS No SPAM Template woophy.com - votes are welcome coolphotoblogs.com - feel free to vote |
06-04-2006, 11:41 AM | #6 |
Team Pixelpost
|
Next fix for register globals.
Affected files: /admin/categories.php /admin/comments.php /admin/images_edit.php /admin/new_image.php /admin/options.php /admin/view_addons.php /admin/view_info.php Find at beginning of each: PHP Code:
PHP Code:
__________________
My photoblog powered by PixelPost 1.6 dev SVN with mod_rewrite feature and Related Pictures addon Show Category ADDON GeoS No SPAM Template woophy.com - votes are welcome coolphotoblogs.com - feel free to vote |
06-04-2006, 12:01 PM | #7 |
Team Pixelpost
|
Next fast fix for point 2. There will be probably better one in future.
Find in /index.php (line 681/712): PHP Code:
PHP Code:
__________________
My photoblog powered by PixelPost 1.6 dev SVN with mod_rewrite feature and Related Pictures addon Show Category ADDON GeoS No SPAM Template woophy.com - votes are welcome coolphotoblogs.com - feel free to vote |
06-04-2006, 12:18 PM | #8 |
Team Pixelpost
|
is point 4 fixed on that? it scares me! but i don't fully understand how it works.
__________________
ZOMBIE GOAT PORN |
06-04-2006, 03:36 PM | #9 |
Team Pixelpost
Join Date: Oct 2004
Location: Hamburg, Germany
Posts: 4,630
|
have a look at www.photografitti.de
I cannot log in anymore, my hoster says he did nothing.. something "wait for redirect..:" is this caused by some of these exploits?
__________________
Connie -------| one of the Pixelpost-Veterans www.photografitti.de my Photoprojects: www.zweiterblick.de |
06-04-2006, 03:43 PM | #10 |
Team Pixelpost
|
I forgot about this one.
At beginning of /admin/index.php find: PHP Code:
PHP Code:
__________________
My photoblog powered by PixelPost 1.6 dev SVN with mod_rewrite feature and Related Pictures addon Show Category ADDON GeoS No SPAM Template woophy.com - votes are welcome coolphotoblogs.com - feel free to vote |
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
Thread Tools | |
Display Modes | |
|
|