Quoting Kevin Walsh (suppressed): > Grant suppressed wrote: > > I noticed the following request in my logs and thought I'd mention it to > > you guys: > > > > www.mydomain.com/cgi-bin/mycatalog/__SQLUSER__ > > > > It's the first hacking attempt I've seen that looks > > IC-specific. Is there anything I might want to check my system out for? > > > I can verify the problem on a 5.0 system. I haven't looked at it > on 5.1 yet, but I suspect that it'll be the same. > > Apply the following patch as an emergency fix. The real fix will > either be the same, or something similar elsewhere. > > ---------------------------------------------------------------------- > *** Page.pm 28 Mar 2004 20:29:39 -0000 2.17 > --- Page.pm 28 Mar 2004 20:34:43 -0000 > *************** > *** 75,80 **** > --- 75,81 ---- > > die ::get_locale_message(412, "Missing special page: %s\n", $name) > unless defined $page; > + $subject =~ s/_/_/g; > $page =~ s#\[subject\]#$subject#ig; > $Vend::PageInit = 0; > interpolate_html($page, 1); > ---------------------------------------------------------------------- > > Also, while you're at it, get the person's IP address and file a > complaint. I have patched all three pertinent versions (4.8, 5.0, 5.1). This is a definite hole and we should release ASAP. -- Mike Heins Perusion -- Expert Interchange Consulting http://www.perusion.com/ phone +1.765.647.1295 tollfree 800-949-1889 <suppressed> Software axiom: Lack of speed kills. _______________________________________________ interchange-users mailing list suppressed http://www.icdevgroup.org/mailman/listinfo/interchange-users
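Review bot: The added line `$subject =~ s/_/_/g;` replaces each underscore with an underscore as it appears here, so `$subject` reaches `$page =~ s#\[subject\]#$subject#ig;` unchanged, and a value such as the `__SQLUSER__` from the reported request would still be in the page when `interpolate_html($page, 1)` runs. The replacement side was probably an HTML entity for the underscore (for example `&#95;`) that the archive rendering has decoded back to `_`; confirm that the patch actually applied contains the encoded form. A one-line comment above the substitution saying why underscores in `$subject` are neutralised before interpolation would help the next reader, and it is worth checking whether other characters that `interpolate_html` treats as markup need the same treatment in `$subject`.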