HOWTO: Patch url_fopen Vulnerability
25 Sep 2006
Unknown File Type (0.81 KB)
In versions of SyntaxCMS since 1.1.1, there is an exploitable vulnerability in the testing scripts for installations with PHP 4.3.0 and higher,
You can update to the latest CVS version or apply the patch files included here. To apply the patch files, download the attached file and run:
...where
register_globals on, and allow_furl_open set to true. There is an exploit in the wild, so update your systems immediately.You can update to the latest CVS version or apply the patch files included here. To apply the patch files, download the attached file and run:
tar -xzvf 513_file_fopen_vuln_patch.tgzcd fopen_vuln_patchpatch path_to_your_public_root/admin/testing/index.php index.php.patchpatch path_to_your_public_root/admin/testing/tests/0004_init_urls.php 0004_init_urls.php.patchpatch path_to_your_public_root/admin/testing/tests/0030_init_syntax.php 0030_init_syntax.php.patchcp .htaccess path_to_your_public_root/admin/testing/tests/...where
path_to_your_public_root is the path to your Apache-readable directory where SyntaxCMS's public root is installed.Categorization
Topic
- HOWTO
Issue
- Other
