[Mediawiki-l] site defaced
Ryan Clark
support at rookscape.com
Fri Aug 6 15:12:46 UTC 2004
Did you have file uploads enabled? If so, did you ensure that PHP was
disabled in your upload folder? If not, the script-kiddie could easily have
uploaded some malicious PHP and executed it.
Ryan
On August 6, 2004 11:59 am, Greg Rundlett wrote:
> My website was just defaced, and I have not yet had a chance to
> investigate the exact causes. The script-kiddie was able to upload a
> php shell creation script + php-explorer and others.
>
> I installed mediawiki in the last two weeks, and the folder is now
> gone. I'm wondering if mediawiki is known to be secure with
> allow_url_fopen set to on? Are there any known vulnerabilities in
> mediawiki? I do not know the exact vulnerability that caused my site to
> be owned, and there may have been mulitple vulnerabilitites, I'm just
> asking what if any info you might have in this regard.
>
> Thanks,
> Greg
More information about the MediaWiki-l
mailing list