Home Private Messages Search
CPG Dragonfly™ CMS stopsoftwarepatents.eu petition banner
Toggle Content
 
Forums ⇒ CMS (All) ⇒ Security :: Archives ⇒ [Fixed] DragonflyCMS 9.0.6.1 Security Fixes :: Archived


Forum FAQForum FAQ  Log in to check your private messagesLog in to check your private messages  LoginLogin
SearchSearch  ModeratorsModerators
[Fixed] DragonflyCMS 9.0.6.1 Security Fixes :: Archived
Post any security related questions in here.
Please send discovered reports to security @ cpgnuke.com
Do Not post links to exploits or hacker sites - your post will be edited/deleted.
If you think you've been hacked, FIRST go through your server logs.
Go to page Previous  1, 2
Post new topic    Revive this topic    Printer Friendly Page     Forum Index ⇒  Security

Topic Archived View previous topic :: View next topic  
Author Message
DJ Maze
Developer
Developer

Offline Offline
Joined: Apr 19, 2004
Posts: 5683
Location: http://tinyurl.com/5z8dmv
PostPosted: Sun Feb 12, 2006 4:20 am
Post subject: Re: Posted on Bugtraq -CPGNuke Dragonfly 9.0.6.1 remote commands
Yes those 4 files will patch your system.

About the exploit:

coppermine OR error.php is used to send over a script.
The script CAN'T run on its own so it needs a file that has a bug.
install.php has such bug in the language selector.

If you properly deleted the install.php per the instructions said, then your system is not vulnerable.
Since both the readme and the installer say it, this exploit is actualy "low-risk". But since nobody does what they read or skip to read i've put it up as update notification.

The XSS exploit i discovered in linking.php is of a much more severe security issue. Therefore the update notification is fully in its right.


DJ Maze's server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS)
Fedora 15 / 2.2.22 / 5.5.20 / 5.3.10 / CVS
Back to top
View user's profile Visit poster's website Yahoo Messenger Photo Gallery
Ronin
Dragonfly addicted
Dragonfly addicted

Offline Offline
Joined: Jun 07, 2004
Posts: 475
Location: Calgary, AB
PostPosted: Sun Feb 12, 2006 8:50 pm
Post subject: Re: Posted on Bugtraq -CPGNuke Dragonfly 9.0.6.1 remote comm
DJMaze wrote:
The XSS exploit i discovered in linking.php is of a much more severe security issue. Therefore the update notification is fully in its right.

OK, I did follow the install instructions and removed install.php. However I'm not clear if the linking.php issue mentioned above is seperate? My update notification just talks about removing the install, with no mention of an XSS exploit in linking.php.

Quote::
install.php security exploitRecently someone found a security exploit in install.php.
Always be shure you deleted install.php.
Fixes available at dragonflycms.org/Forum...html#98034

Posted on February 10, 2006

So can someone clarify that if I don't have install.php I'm safe from everything discussed here including the linking.php XSS exploit?

_________________
Cheers,

Ronin
Ronin Technologies
Dragonfly Google Maps Module

Ronin's server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS)
Lunarpages Linux / 1.3.37 / 4.1.22-standard-log / 4.4.4 / 9.1.2.5
Back to top
View user's profile Visit poster's website Photo Gallery
goran_wright
Newbie
Newbie

Offline Offline
Joined: Nov 14, 2005
Posts: 7
Location: Philippines
PostPosted: Tue Feb 14, 2006 7:47 am
Post subject: Re: Posted on Bugtraq -CPGNuke Dragonfly 9.0.6.1 remote comm
Quote::
install.php security exploitRecently someone found a security exploit in install.php.
Always be shure you deleted install.php.
Fixes available at dragonflycms.org/Forum...html#98034

Posted on February 12, 2006

I also have this message. but I don't have instll.php..


goran_wright's server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS)
PHP4
Back to top
View user's profile Visit poster's website
Ronin
Dragonfly addicted
Dragonfly addicted

Offline Offline
Joined: Jun 07, 2004
Posts: 475
Location: Calgary, AB
PostPosted: Tue Feb 14, 2006 2:21 pm
Post subject: Re: Posted on Bugtraq -CPGNuke Dragonfly 9.0.6.1 remote commands
The message is just an advisory goran. Everyone running 9.0.6.1 gets it.

_________________
Cheers,

Ronin
Ronin Technologies
Dragonfly Google Maps Module

Ronin's server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS)
Lunarpages Linux / 1.3.37 / 4.1.22-standard-log / 4.4.4 / 9.1.2.5
Back to top
View user's profile Visit poster's website Photo Gallery
Display posts from previous:   
Post new topic    Revive this topic    Printer Friendly Page    Forum Index ⇒  Security
Page 2 of 2
All times are GMT
Go to page Previous  1, 2

Archive Revive
Username:
This is an archived topic - your reply will not be appended here.
Instead, a new topic will be generated in the active forum.
The new topic will provide a reference link to this archived topic.
 
   Toggle Content User Info

Welcome Anonymous
Nickname
Password
(Register)

   Toggle Content Last CVS commits
· Fixed .ico Expires header.
· Removed domain name from cookies so subdomains wont access them anymore.
· CSS and JS, case insensitives.
· CSS and JS, send correct HTTP 1.1 headers and fixed issues where themes and...
· Further security class improvements.
· 301 redirects on LEO changes
· Option to force 3xx http status codes
· Validate googlebot.com and google.com crawlers.
· CCBot
· Rss with etag and atom.

もっと読む

   Toggle Content Community

Support for DragonflyCMS in a other languages:

Deutsch
Español

   Toggle Content X-links
UltraEdit Browse Happy logo Firefox MySQL PostgreSQL Valid CSS! Valid XHTML 1.0! Unicode Encoded Badge NukeBiz Resources Raven DragonflyCMS Dedicated Now InsideSupport Lampe Berger

You are seeing squares or questionmarks on this page?

All content of this website is copyrighted by the Creative Commons NC-SA
The logos and trademarks used on this site are the property of their respective owners
We are not responsible for comments posted by our users, as they are the property of the poster.
Our server runs on a P3 1.2GHz with 512MB RAM with no accelerators
Support GoPHP5.org
Interactive software released under GNU GPL, Code Credits, Privacy Policy