Deprecated: Assigning the return value of new by reference is deprecated in /u/deptinfo/dalle/www/wiki2/cookbook/sourceblock.php on line 153

Warning: Cannot modify header information - headers already sent by (output started at /u/deptinfo/dalle/www/wiki2/cookbook/sourceblock.php:153) in /u/deptinfo/dalle/www/wiki2/pmwiki.php on line 885
Olivier Dalle's Corner: PmWiki / Security
Olivier Dalle's
Corner
$WikiTagline
 

Distributed Pages:

Cookbook Pages

Q What about the botnet security advisory at http://isc.sans.org/diary.php?storyid=1672?

Sites that are running with PHP’s register_globals setting set to “On” and versions of PmWiki prior to 2.1.21 may be vulnerable to a botnet exploit that is taking advantage of a bug in PHP. The vulnerability can be closed by turning register_globals off, upgrading to PmWiki 2.1.21 or later, or upgrading to PHP versions 4.4.3 or 5.1.4. In addition, there is a test at PmWiki:SiteAnalyzer that can be used to determine if your site is vulnerable.