Re: Wiki hacked?

To: Wookey <wookey@aleph1.co.uk>
Cc: Embedded Debian <debian-embedded@lists.debian.org>, joachim@vmlinux.org, Allen Curtis <acurtis@onz.com>
Subject: Re: Wiki hacked?
From: Wolfgang Denk <wd@denx.de>
Date: Thu, 29 Sep 2005 17:11:20 +0200
Message-id: <[🔎] 20050929151120.2E026353AB4@atlas.denx.de>
In-reply-to: Your message of "Thu, 29 Sep 2005 15:18:33 BST." <[🔎] 20050929141831.GL15930@xios>

In message <[🔎] 20050929141831.GL15930@xios> you wrote:
>
> Ther is stuff in the apache2 error log which looks suspicious:
> [Wed Sep 21 04:58:01 2005] [error] [client 217.116.136.9] [Wed Sep 21 04:58:01 2
> 005] view: Argument "2 %7|pwd" isn't numeric in numeric lt (<) at /var/www/twiki
> /lib/TWiki/UI/View.pm line 110.

That's the "TWiki INCLUDE function allows arbitrary shell command execution"
problem, see http://twiki.org/cgi-bin/view/Codev/TWikiSecurityAlerts

> But these errors seem to have been going on for a long time so are probably just harmless
> errors.

Not at all. Somebody has been running unauthorized commands  on  your
server.

Best regards,

Wolfgang Denk

-- 
Software Engineering:  Embedded and Realtime Systems,  Embedded Linux
Phone: (+49)-8142-66989-10 Fax: (+49)-8142-66989-80 Email: wd@denx.de
"More software projects have gone awry for lack of calendar time than
for all other causes combined."
                         - Fred Brooks, Jr., _The Mythical Man Month_

Reply to:

Follow-Ups:
- Re: Wiki hacked?
  - From: Wookey <wookey@aleph1.co.uk>

References:
- Re: Wiki hacked?
  - From: Wookey <wookey@aleph1.co.uk>

Prev by Date: Re: Wiki hacked?
Next by Date: Re: Wiki hacked?
Previous by thread: Re: Wiki hacked?
Next by thread: Re: Wiki hacked?
Index(es):
- Date
- Thread