09:32.32 | *** join/#hhwiki pb_ (~pb@dsl-62-3-66-201.zen.co.uk) |
11:38.08 | *** join/#hhwiki AntiProxy (Admin@AntiProxy.com) |
13:52.37 | *** join/#hhwiki kencausey (~ken@12-222-173-196.client.insightBB.com) |
14:17.50 | *** join/#hhwiki pb_ (~pb@cpc2-cmbg4-3-0-cust239.cmbg.cable.ntl.com) |
14:55.13 | *** join/#hhwiki jg (~jg@dhcp-r26.crl.dec.com) |
14:57.10 | kencausey | Has someone already fixed the geeklog vulnerability? |
14:57.33 | kencausey | Or are we even using a new enough geeklog version to be affected? |
14:59.23 | jg | kencausey: dunno. What is the vulnerability? |
14:59.33 | kencausey | Linked in the /topic |
14:59.44 | kencausey | http://www.securiteam.com/exploits/6G00C2K8LQ.html |
14:59.54 | kencausey | by AntiProxy I guess, that's the first I'd heard about it |
15:00.34 | jg | I don't know what version we are running off hand... |
15:02.58 | kencausey | Ah, it's at the bottom of the page |
15:03.02 | kencausey | <PROTECTED> |
15:03.09 | kencausey | so I don't guess we have to worry |
15:07.17 | jg | kencausey: unless someone has hacked the version number :-). |
15:07.21 | kencausey | :) |
15:07.23 | jg | kencausey: (just kidding). |
15:07.33 | kencausey | Yeah, but that is a good point in general |
15:51.26 | AntiProxy | back.. |
15:53.38 | AntiProxy | even though that specific advisory doesn't apply to handheld.org's geeklog.. but through my experience with other similar projects ( mainly php-nuke, post-nuke, etc ) one vulnerability was found to affect many different scripts in one project, due to "bad" coding behaviour which caused the first discovered vulnerability |
15:53.57 | AntiProxy | i just hope there are no similar SQL Injection vulnerabilities elsewhere in geeklog .) |
15:54.31 | AntiProxy | i forgot about this advisory myself.. |
15:55.11 | AntiProxy | as i wanted to double check the code regardless.. hoping the author didn't leave out 1.3.7?? simply because they haven't tested it |
15:55.38 | kencausey | If you have time to look through the code that would be great. |
15:55.39 | kencausey | Thanks. |
15:56.09 | AntiProxy | i don't have access to it |
15:56.16 | kencausey | It's in CVS |
15:56.16 | AntiProxy | i'm a member of the website group |
15:56.25 | kencausey | And it's in that CVS project |
15:56.27 | AntiProxy | but geeklog is put under different permission |
15:56.37 | kencausey | oh? just sec |
15:56.38 | AntiProxy | i think because the SQL password is hardcoded in the config file |
15:57.59 | kencausey | ls -l of the contents of /cvs/website/geeklog all seems to be owned by proj_website |
15:58.08 | kencausey | And even if it weren't, you would still have read access |
15:58.41 | AntiProxy | i guess you have a point |
15:59.37 | AntiProxy | interesting.. |
15:59.39 | AntiProxy | i can read it now |
15:59.59 | AntiProxy | last i checked ( well.. about 2-3 months back, while working on hh.org ) i couldn't even read that directory |
16:00.21 | kencausey | *shrug* |
16:02.35 | AntiProxy | heh.. |
16:02.42 | AntiProxy | i tried to grep for a string |
16:02.48 | AntiProxy | recursively |
16:03.10 | AntiProxy | got about 300 permission denied errors |
16:04.02 | AntiProxy | oh. never mind that |
16:04.14 | AntiProxy | it was specifically the ./CVS directories that caused that |
16:04.28 | AntiProxy | like grep: layout/clean/CVS: Permission denied |
16:06.26 | AntiProxy | looks good to me.. |
16:06.32 | AntiProxy | i checked users.php and admin/user.php |
16:06.48 | AntiProxy | completely different file and functions layout too |
16:08.00 | *** join/#hhwiki jamey (~jamey@3ffe:4015:ffff:11:2e0:63ff:fe81:cc92) |
16:12.31 | kencausey | Thanks for checking |
16:26.35 | *** join/#hhwiki jamey (~jamey@3ffe:4015:ffff:11:2e0:63ff:fe81:cc92) |
16:26.35 | *** join/#hhwiki jg (~jg@dhcp-r26.crl.dec.com) |
16:26.35 | *** join/#hhwiki kencausey (~ken@12-222-173-196.client.insightBB.com) [NETSPLIT VICTIM] |
16:26.35 | *** join/#hhwiki AntiProxy (Admin@AntiProxy.com) |
18:20.38 | *** join/#hhwiki pb_ (~pb@cpc2-cmbg4-3-0-cust239.cmbg.cable.ntl.com) |
21:37.39 | *** join/#hhwiki jg (~jg@dhcp-r26.crl.dec.com) |