From: Marek T. <ma...@gn...> - 2010-04-07 15:07:29
Hi,

I've just been asked to solve the following mystery: AA reverting back to where it was months or weeks ago for no obvious reason.

After a lot of digging I have found out that the culprit is the sql_update.php3 script, which
1) restores from bck_ tables without asking for a password, and
2) performs the (destructive) action via GET.

This has resulted in a random spider or vulnerability scanner going to /apc-aa/sql_update.php3?repair=AA_Optimize_Redefine_Site_Templates and just reverting the site back to when the bck_ tables were created. Normally the bck_ tables are deleted, but here they - for some reason (permissions, result of some manual backup, etc.) - were left alongside the live tables.

I believe the update script should not be executable by default.

Best,
Marek

PS: The attached image could be called "How to lose months of work in one click".
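The two defects named in the report, a destructive action reachable by GET and no authentication in front of it, are what a guard at the top of such a maintenance script has to close. The following is an added example written for this thread, not apc-aa's own code: it assumes PHP 7 or later, an admin flag `$_SESSION['aa_admin']` and a per-session token `$_SESSION['csrf_token']` set by the normal login code, and a hypothetical `aa_restore_site_templates()` that does the actual restore. All of those names are invented for illustration.

```php
<?php
// Added example, not apc-aa's own code. Hypothetical guard for a destructive
// maintenance endpoint such as sql_update.php3. Assumptions: the normal login
// code sets $_SESSION['aa_admin'] = true for administrators and stores a random
// per-session token in $_SESSION['csrf_token']; both names are invented here.

/**
 * Decide whether a destructive maintenance request may proceed.
 * Returns null if the request passes every check, otherwise [status, reason].
 * Pure function of its inputs, so it can be unit-tested without a web server.
 */
function aa_guard_destructive_action(string $method, array $session, array $post, array $allowed): ?array
{
    // 1) Never perform destructive work on GET. Spiders and vulnerability
    //    scanners follow links and probe query strings; they do not submit forms.
    if ($method !== 'POST') {
        return [405, 'Method Not Allowed'];
    }
    // 2) Require an authenticated administrator, not merely a reachable URL.
    if (empty($session['aa_admin'])) {
        return [403, 'Forbidden'];
    }
    // 3) Require a CSRF token, or a logged-in admin could be tricked by a page
    //    that auto-submits a POST form to this script. hash_equals() compares
    //    in constant time.
    if (!isset($post['csrf_token'], $session['csrf_token'])
        || !hash_equals($session['csrf_token'], (string) $post['csrf_token'])) {
        return [403, 'Bad CSRF token'];
    }
    // 4) Only whitelisted repair names are accepted; nothing from the request
    //    is ever used to build a table name or SQL text.
    $repair = $post['repair'] ?? '';
    if (!isset($allowed[$repair])) {
        return [400, 'Unknown repair action'];
    }
    // 5) Restoring from bck_ tables overwrites live data, so demand an explicit
    //    confirmation field that only a deliberately submitted form carries.
    if (($post['confirm'] ?? '') !== 'yes') {
        return [400, 'Confirmation required'];
    }
    return null;
}

// Usage at the very top of the maintenance script, before any SQL runs.
session_start();
$allowed = [
    // Repair name from the report, mapped to a hypothetical worker function.
    'AA_Optimize_Redefine_Site_Templates' => 'aa_restore_site_templates',
];
$deny = aa_guard_destructive_action($_SERVER['REQUEST_METHOD'], $_SESSION, $_POST, $allowed);
if ($deny !== null) {
    http_response_code($deny[0]);
    if ($deny[0] === 405) {
        header('Allow: POST');
    }
    exit($deny[1]);
}
// Only a POST from an authenticated admin with a valid token and explicit
// confirmation reaches this point.
call_user_func($allowed[$_POST['repair']]);
```

Note that the guard reproduces the order of the failures in the report: the method check alone would have stopped the spider, and the authentication check alone would have stopped an anonymous scanner. These in-script checks complement, rather than replace, the poster's suggestion of not having the update script executable by default; a script that is removed from the document root or blocked by the web server after an upgrade cannot be reached at all.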