From: Steve B. <sbr...@gm...> - 2007-12-14 18:04:04
> > Modifications seemed to be
> > based around a PHP global variable which we cannot track down.
>
> Actually I don't understand what this means... What do you mean "cannot track down"?

It means that we couldn't find any reference to it in a doc or anywhere else online. However, we have since become aware of how this variable might be created.

> What diff do you see between the compromised version and
> the one that is there now? I see only a comment diff in one file.

It was a small block of code that checks for a $_SERVER var. If that var was present, it would redefine SM_PATH. Under normal circumstances, this would never be executed, but we have since learned how to make it execute.

Please upgrade to 1.4.13. :-)