[dokuwiki] Re: Strange attack on the wiki
- From: Andreas Gohr <andi@xxxxxxxxxxxxxx>
- To: dokuwiki@xxxxxxxxxxxxx
- Date: Fri, 08 Sep 2006 09:59:53 +0200
Oliver Schulze L. writes:
> I just created an alert in google using this search term:
> dokuwiki group:mailing.unix.bugtraq
> It may help us in the future ;)
Good idea, but it wouldn't have helped us in this case, because the guy just
posted the exploit today instead of informing us about it.
> Also, I hope Andi or Chris could comment on this exploit later,
> is it dangerous? in which environments it can be exploited?
It is very dangerous. The two exploits you've linked didn't use the whole
potential of the problem yet. From what I can see it should be possible to
use this to place any kind of code on the webserver. :-(
Exploitable are all installs where the bin directory is unprotected and the
register_argc_argv PHP option is enabled - which is probably nearly
everywhere because it's on by default.
So yes this is one of those worst case exploits :-( Again :-(
Andi
--
DokuWiki mailing list - more info at
http://wiki.splitbrain.org/wiki:mailinglist
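The reply above names two conditions that must both hold for an install to be exploitable: an unprotected bin directory and register_argc_argv enabled. The following check is an added example, not part of the original post or of DokuWiki; it assumes an Apache-style .htaccess as the protection mechanism, and the function names and the sample inputs are constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Assumption: protection means an Apache deny-all rule in bin/.htaccess.
# This only has effect if the server honours .htaccess (AllowOverride).
DENY_RE = re.compile(r"^\s*(deny\s+from\s+all|require\s+all\s+denied)\s*$", re.I | re.M)
# Lines commented out with ';' do not match because of the ^\s* anchor.
ARGV_RE = re.compile(r"^\s*register_argc_argv\s*=\s*\"?(\w+)\"?", re.I | re.M)
TRUE_VALUES = {"on", "1", "true", "yes"}


def argv_enabled(php_ini_text):
    """True if register_argc_argv is on. A missing setting counts as on,
    following the post's statement that the option is on by default."""
    matches = ARGV_RE.findall(php_ini_text)
    if not matches:
        return True
    return matches[-1].lower() in TRUE_VALUES  # the last assignment wins


def bin_protected(wiki_root):
    """True if <wiki_root>/bin is absent or carries a deny-all .htaccess."""
    bin_dir = Path(wiki_root) / "bin"
    if not bin_dir.is_dir():
        return True
    htaccess = bin_dir / ".htaccess"
    return htaccess.is_file() and bool(DENY_RE.search(htaccess.read_text(errors="replace")))


def audit(wiki_root, php_ini_text):
    """Report both conditions; the install is exposed only when both hold."""
    argv_on = argv_enabled(php_ini_text)
    unprotected = not bin_protected(wiki_root)
    return {"register_argc_argv": argv_on, "bin_unprotected": unprotected,
            "exposed": argv_on and unprotected}


if __name__ == "__main__":
    # Constructed sample: a wiki root with a bare bin/ and an empty php.ini.
    with tempfile.TemporaryDirectory() as root:
        (Path(root) / "bin").mkdir()
        print("before:", audit(root, ""))
        (Path(root) / "bin" / ".htaccess").write_text("Order allow,deny\nDeny from all\n")
        print("after: ", audit(root, ""))
```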
- Follow-Ups:
- [dokuwiki] Re: Strange attack on the wiki
- From: Stefan Hållén
- [dokuwiki] Re: Strange attack on the wiki
- From: Oliver Schulze L.
- References:
- [dokuwiki] Strange attack on the wiki
- From: Oliver Schulze L.
- [dokuwiki] Re: Strange attack on the wiki
- From: Oliver Schulze L.