Re: Wiki hacked?
In message <[🔎] 20050929141831.GL15930@xios> you wrote:
> Ther is stuff in the apache2 error log which looks suspicious:
> [Wed Sep 21 04:58:01 2005] [error] [client 220.127.116.11] [Wed Sep 21 04:58:01 2
> 005] view: Argument "2 %7|pwd" isn't numeric in numeric lt (<) at /var/www/twiki
> /lib/TWiki/UI/View.pm line 110.
That's the "TWiki INCLUDE function allows arbitrary shell command execution"
problem, see http://twiki.org/cgi-bin/view/Codev/TWikiSecurityAlerts
> But these errors seem to have been going on for a long time so are probably just harmless
Not at all. Somebody has been running unauthorized commands on your
Software Engineering: Embedded and Realtime Systems, Embedded Linux
Phone: (+49)-8142-66989-10 Fax: (+49)-8142-66989-80 Email: firstname.lastname@example.org
"More software projects have gone awry for lack of calendar time than
for all other causes combined."
- Fred Brooks, Jr., _The Mythical Man Month_