irclog2html for #hhwiki on 20031027

09:32.32 *** join/#hhwiki pb_ (~pb@dsl-62-3-66-201.zen.co.uk)
11:38.08 *** join/#hhwiki AntiProxy (Admin@AntiProxy.com)
13:52.37 *** join/#hhwiki kencausey (~ken@12-222-173-196.client.insightBB.com)
14:17.50 *** join/#hhwiki pb_ (~pb@cpc2-cmbg4-3-0-cust239.cmbg.cable.ntl.com)
14:55.13 *** join/#hhwiki jg (~jg@dhcp-r26.crl.dec.com)
14:57.10 <kencausey> Has someone already fixed the geeklog vulnerability?
14:57.33 <kencausey> Or are we even using a new enough geeklog version to be affected?
14:59.23 <jg> kencausey: dunno. What is the vulnerability?
14:59.33 <kencausey> Linked in the /topic
14:59.44 <kencausey> http://www.securiteam.com/exploits/6G00C2K8LQ.html
14:59.54 <kencausey> by AntiProxy I guess, that's the first I'd heard about it
15:00.34 <jg> I don't know what version we are running off hand...
15:02.58 <kencausey> Ah, it's at the bottom of the page
15:03.02 <kencausey> <PROTECTED>
15:03.09 <kencausey> so I don't guess we have to worry
15:07.17 <jg> kencausey: unless someone has hacked the version number :-).
15:07.21 <kencausey> :)
15:07.23 <jg> kencausey: (just kidding).
15:07.33 <kencausey> Yeah, but that is a good point in general
15:51.26 <AntiProxy> back..
15:53.38 <AntiProxy> even though that specific advisory doesn't apply to handheld.org's geeklog.. but through my experience with other similar projects ( mainly php-nuke, post-nuke, etc ) one vulnerability was found to affect many different scripts in one project, due to "bad" coding behaviour which caused the first discovered vulnerability
15:53.57 <AntiProxy> i just hope there are no similar SQL Injection vulnerabilities elsewhere in geeklog .)
15:54.31 <AntiProxy> i forgot about this advisory myself..
15:55.11 <AntiProxy> as i wanted to double check the code regardless.. hoping the author didn't leave out 1.3.7?? simply because they haven't tested it
15:55.38 <kencausey> If you have time to look through the code that would be great.
15:55.39 <kencausey> Thanks.
15:56.09 <AntiProxy> i don't have access to it
15:56.16 <kencausey> It's in CVS
15:56.16 <AntiProxy> i'm a member of the website group
15:56.25 <kencausey> And it's in that CVS project
15:56.27 <AntiProxy> but geeklog is put under different permission
15:56.37 <kencausey> oh? just sec
15:56.38 <AntiProxy> i think because the SQL password is hardcoded in the config file
15:57.59 <kencausey> ls -l of the contents of /cvs/website/geeklog all seems to be owned by proj_website
15:58.08 <kencausey> And even if it weren't, you would still have read access
15:58.41 <AntiProxy> i guess you have a point
15:59.37 <AntiProxy> interesting..
15:59.39 <AntiProxy> i can read it now
15:59.59 <AntiProxy> last i checked ( well.. about 2-3 months back, while working on hh.org ) i couldn't even read that directory
16:00.21 <kencausey> *shrug*
16:02.35 <AntiProxy> heh..
16:02.42 <AntiProxy> i tried to grep for a string
16:02.48 <AntiProxy> recursively
16:03.10 <AntiProxy> got about 300 permission denied errors
16:04.02 <AntiProxy> oh. never mind that
16:04.14 <AntiProxy> it was specifically the ./CVS directories that caused that
16:04.28 <AntiProxy> like grep: layout/clean/CVS: Permission denied
16:06.26 <AntiProxy> looks good to me..
16:06.32 <AntiProxy> i checked users.php and admin/user.php
16:06.48 <AntiProxy> completely different file and functions layout too
16:08.00 *** join/#hhwiki jamey (~jamey@3ffe:4015:ffff:11:2e0:63ff:fe81:cc92)
16:12.31 <kencausey> Thanks for checking
16:26.35 *** join/#hhwiki jamey (~jamey@3ffe:4015:ffff:11:2e0:63ff:fe81:cc92)
16:26.35 *** join/#hhwiki jg (~jg@dhcp-r26.crl.dec.com)
16:26.35 *** join/#hhwiki kencausey (~ken@12-222-173-196.client.insightBB.com) [NETSPLIT VICTIM]
16:26.35 *** join/#hhwiki AntiProxy (Admin@AntiProxy.com)
18:20.38 *** join/#hhwiki pb_ (~pb@cpc2-cmbg4-3-0-cust239.cmbg.cable.ntl.com)
21:37.39 *** join/#hhwiki jg (~jg@dhcp-r26.crl.dec.com)

Generated by irclog2html.pl by Jeff Waugh - find it at freshmeat.net! Modified by Tim Riker to work with blootbot logs, split per channel, etc.