[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] TWiki critical security advisory...

Subject: [ale] TWiki critical security advisory...
From: mhw at WittsEnd.com (Michael H. Warfield)
Date: Mon, 22 Sep 2008 10:01:57 -0400

Hey all,

	I mentioned this at the ALE meeting the other night that TWiki had a
critical security update.  The details of the vulnerability and example
exploit are now posted on milw0rm for all to see.  First and foremost,
anyone who has not done so should make sure the configure script for
TWiki is totally disabled!  This is a trivial unauthenticated remote
code execution vulnerability.  If your site has been running with an
exposed configure script, you should immediately scan the system for
intrusions and rootkits.  It is being exploited in the wild.  Check your
web logs for any sign of pipe command execution attempts.

	http://milw0rm.com/exploits/6509

	TWiki has an update to the configure script on their site.

	Regards,
	Mike
-- 
Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471        | possible worlds.  A pessimist is sure of it!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 307 bytes
Desc: This is a digitally signed message part
Url : http://mail.ale.org/pipermail/ale/attachments/20080922/1f820bd0/attachment.bin

Prev by Date: [ale] Awk as a programming language
Next by Date: [ale] OLPC embraces and criticizes XO competitors
Previous by thread: [ale] Xnest and repainting.
Next by thread: [ale] comcast drops usenet
Index(es):
- Date
- Thread