DaemonForums  

Go Back   DaemonForums > DaemonForums.org > News

News News regarding BSD and related.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 20th December 2011
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,143
Thanked 182 Times in 149 Posts
Default TYPO3 developers warn of critical hole

From http://h-online.com/-1397861

Quote:
The TYPO3 developer team has warned that a critical hole in the TYPO3 Content Management System (CMS) potentially allows attackers to compromise a server. Insufficient checking of the AbstractController.php file's BACK_PATH parameter enables attackers to upload and execute arbitrary PHP scripts (Remote File Inclusion). The developers have been informed that attackers are already trying to intrude into users' servers on a large scale.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Critical security hole in current version of Opera J65nko News 5 20th October 2011 06:14 AM
Critical hole in the Exim Mail server closed J65nko News 0 9th May 2011 08:26 PM
Opera 11.01 closes critical hole J65nko News 0 27th January 2011 04:14 PM
Critical hole closed in Foxit Reader J65nko News 0 10th August 2010 05:51 PM
Firefox 3.6.3 closes a critical hole J65nko News 0 2nd April 2010 05:52 PM


All times are GMT. The time now is 07:32 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick