Is 1.2.5 safe on Apache server with multiple extensions feature?
Posted: Wed Jun 04, 2008 3:52 pm
I have noticed that the earlier vulnerable file "/modules/FileManager/postlet/javaUpload.php" in the newest CMSMS release (1.2.5) was simply renamed to "javaUpload.php.txt".
I have not checked in detail how the latest security hole was fixed, but I would like to note that on Apache servers where the multiple extensions feature is activated (e.g. on host providers like icdsoft, lunarpages), the "javaUpload.php.txt" file might still be executed by the PHP parser.
It would be nice if the CMSMS developers could confirm that servers with the "multiple extensions feature" have no risk using the latest CMSMS release.
PS: If you would like to know if multiple extensions are active on your webhost, simply enter the address of the mentioned file in the browser:
http://www.your-domain.com/modules/File ... ad.php.txt
The answer is YES, if the output is something like this:
Code:
POSTLET REPLY
POSTLET:NO
POSTLET:TOO LARGE
POSTLET:ABORT THIS
END POSTLET REPLY
PPS: My website was also hacked, as I did not manage to upgrade CMSMS in time. brrrrr
would not like it to be repeated...
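An offline check for the condition described in the post, added here as an example and not part of the original post or of CMSMS: it lists files that carry a PHP-mapped extension before their final extension, and flags the extension-based PHP mappings in an Apache config that deserve review. The extension list, the sample paths other than the javaUpload file, and the sample config are constructed assumptions.

```python
import re
from pathlib import PurePosixPath

# Extensions commonly mapped to PHP (assumed list; adjust to your host).
PHP_EXTS = {".php", ".php3", ".php4", ".php5", ".phtml"}

def inner_php_extension(path):
    """True if a PHP-mapped extension appears before the final extension."""
    suffixes = [s.lower() for s in PurePosixPath(path).suffixes]
    return any(s in PHP_EXTS for s in suffixes[:-1])

def risky_files(paths):
    """Paths whose names look like name.php.<something>."""
    return [p for p in paths if inner_php_extension(p)]

# mod_mime looks at every extension in a file name, so AddHandler/AddType
# lines that map PHP by extension are the ones to review. A handler set
# inside <FilesMatch "\.php$"> only applies when .php is the last extension.
DIRECTIVE = re.compile(r"^\s*(AddHandler|AddType)\s+\S*php\S*\s+(.+)$", re.I)

def risky_directives(conf_text):
    """Return (line number, line) for extension-based PHP mappings."""
    hits = []
    for n, line in enumerate(conf_text.splitlines(), 1):
        if line.lstrip().startswith("#"):
            continue
        if DIRECTIVE.match(line):
            hits.append((n, line.strip()))
    return hits

# Constructed sample input: a file listing and a config fragment.
SAMPLE_PATHS = [
    "modules/FileManager/postlet/javaUpload.php.txt",
    "index.php",
    "lib/jquery.min.js",
    "uploads/backup.PHP.bak",
]
SAMPLE_CONF = r"""# constructed sample config
AddHandler application/x-httpd-php .php
<FilesMatch "\.php$">
    SetHandler application/x-httpd-php
</FilesMatch>
"""

if __name__ == "__main__":
    for p in risky_files(SAMPLE_PATHS):
        print("review file:", p)
    for n, line in risky_directives(SAMPLE_CONF):
        print(f"review config line {n}: {line}")
```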
