Create an account    
 home  
 
Web www.thaihealth.net
  You are here:> home>topics> Linux&NUKE Security > important security fix in admin.php ©
Modify&Download: important security fix in admin.php
Posted on Friday, March 26 @ 00:14:00 GMT+7 by admin

Linux&NUKE Security SecurityFocus has reported about a vulnerability in admin.php that allows an attacker to create a superuser or modify existing ones, several solutions have been provided and i for one will check into them but in the meantime i offer adding to admin.php after the credits the following:

if(stristr($_SERVER["QUERY_STRING"],'AddAuthor') || stristr($_SERVER["QUERY_STRING"],'UpdateAuthor')) {
die("Illegal Operation");
}

Neither op should pass through the url anyway so my first choice is to block them.

blog this


blog this

More about linuxsecure
· phpNUKE security hole in News Module (up to Ver 7.9)2006-11-29 18:23:53
· security fixes for cross site scripting in nuke6.0-7.02004-03-26 01:15:24
· important security fix in admin.php2004-03-26 00:14:00
· upgrade Apache to 2.0.48 lastest one2003-12-20 16:25:11

Comment Post
1  by
on Sunday, March 16 @ 19:51:07 GMT+7
< href="http://f.jsoftj.com/">URL blocked by staff منتديا&

Read the rest of this comment...


2  by
on Saturday, March 15 @ 00:26:28 GMT+7
< href="http://www.jsoftj.com/">URL blocked by staff جي سوف

Read the rest of this comment...


3  by gaila
on Saturday, January 26 @ 07:42:05 GMT+7
< href="http://gallery.newsit.es/title='">URL blocked by staff free wallpaper [gallery.new

Read the rest of this comment...


4  by gaila
on Saturday, January 26 @ 07:45:15 GMT+7
< href="http://gallery.newsit.es/">URL blocked by staff free wallpaper [gallery.newsit.es]


5  by kjhg
on Thursday, June 05 @ 22:17:45 GMT+7
< href="http://wardh.al-kaon.com/">URL blocked by staff منتدي

Read the rest of this comment...




Your Name:

[ New User ]

Subject:


Comment:

Allowed HTML:
<b> <i> <a> <em> <br> <strong> <blockquote> <tt> <li> <ol> <ul>
Security code:
T news tweak
 

       Sponsored Links
       Related Links
· More about Linux&NUKE Security
· News by admin
Most read story about Linux&NUKE Security:
 Top tools for Linux(19630)
       Article Rating
Average Score: 0
Votes: 0

Please take a second and vote for this article:

Excellent
Very Good
Good
Regular
Bad


       Options

 Printer Friendly  Printer Friendly

 Send to a Friend  Send to a Friend

News ©

เล่นเกมส์ arcade games free!

main sitethaihealth | home | forums | downloads | topics

Seo from our desk thai seo
Web site engine code is Copyright © 2003 by PHP-Nuke.Copyright 2007 Thaihealth and pattaya doctor
Page Generation: 0.215 Seconds
Theme developed by WebDesignHQ.com Modified By DoctorNUKE