[Phpwiki-talk] IMPORTANT More UpLoad hacks

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Via the Phpwiki 1.3.x UpLoad feature some hackers from russia upload a
php3 or php4 file,
install a backdoor at port 8081 and have access to your whole disc and
overtake the server.

See http://ccteam.ru/releases/c99shell

The uploaded file has a php, php3 or php4 extension and looks like a
gif to the mime magic.
So apache usually accepts it.

To fix this issue at first move the lib/plugin/UpLoad.php file out of
this directory.

You can fix it by adding those two lines to your list of disallowed extensions:

php3
php4

Currently only php is disallowed.
-- 
Reini Urban
http://phpwiki.org/              http://murbreak.at/
http://spacemovie.mur.at/   http://helsinki.at/