[pmwiki-users] Online test available for latest security vulnerability
Pico
pmwiki at ben-amotz.com
Tue Sep 5 18:42:57 CDT 2006
Patrick R. Michaud wrote:
> Today I've quickly put together a system that allows wiki
> administrators to easily test if their site is vulnerable to
> the register_globals problem described earlier.
>
> The starting page is at http://www.pmwiki.org/wiki/PmWiki/Analyzer .
> There are instructions on the page, but I'll give an overview of
> the process here.
[snip]
I get various errors in the header:
Warning: fopen(): php_network_getaddresses: getaddrinfo failed: Name or
service not known in /home/pmichaud/pmwiki/local/PmWiki.Analyzer.php on
line 69
Warning:
fopen(http://pico.ben-amotz.com?n=Site.Analyze&action=analyze&FarmD=http://www.pmwiki.org&-1778478215=1&-1304181425=1):
failed to open stream: Success in
/home/pmichaud/pmwiki/local/PmWiki.Analyzer.php on line 69
Warning: Cannot modify header information - headers already sent by
(output started at /home/pmichaud/pmwiki/local/PmWiki.Analyzer.php:69)
in /home/pmichaud/pmwiki/pmwiki.php on line 884
When I get results, they are:
Obtain site configuration ok
$FarmD register_global vulnerability no connection
Pico
More information about the pmwiki-users
mailing list