Todd Augsburger wrote:
Certain versions of Word Press seem to be a popular target, but it looks like it could potentially affect any PHP script without adequate input validation on a server with url_fopen enabled. Someone also pointed me to this page, which has some fixes that you can use on shared hosting where you don't have access to the system php.ini.Interesting stuff! (Although only marginally about DokuWiki)Googling "namogofer" or its md5('f') response gets hundreds of hits, so I assume there are a significant number of compromised hosts. Any idea what the target app was?
http://www.embedded.ch/http.htm Jonathan -- DokuWiki mailing list - more info at http://wiki.splitbrain.org/wiki:mailinglist