[wp-hackers] [daniel.leidert.spam@gmx.net: DebianWordpress package exploitable by GeSHi local PHP file inclusion?]

Amit Gupta wp at igeek.info
Sat Oct 1 08:00:48 GMT 2005


I've got the reply from Nigel, the GeSHi Developer. Here's what he says:

  |  I released a fix for the bug mere hours after it was posted there,
  |  and before secunia got hold of it.
  |
  |  It's those people at postnuke... the reason why this was a problem
  |  is because they included GeSHi completely, without bothering to
  |  check that the docs/ and contrib/ directories aren't actually needed.
  |
  |  Well, the bug means that if you have example.php web-facing, the
  |  hacker can view any file on your server.
  |
  |  But there is no such malicious code in the core. There is an
  |  include that happens in the core, but it is already sanitised (it's
  |  the include that is done when set_language is called, which is
  |  always done if you want coloured highlighting).

So that should allay any concerns regarding security that anyone may
have about using iG:Syntax Hiliter. I can't vouch for other plugins
though, so just to be on the safe side, those using any other plugins
which use GeSHi should make sure that the 'contrib' directory of GeSHi
isn't on their server.

------------
Amit Gupta
http://igeek.info/  ||  http://blog.igeek.info/
http://blog.igeek.info/wp-plugins/igsyntax-hiliter
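
An added example, not part of the original message or of GeSHi: a shell check that lists the docs/ and contrib/ directories (and contrib/example.php) shipped beside any bundled copy of GeSHi under a web root, so they can be removed. It assumes a GeSHi copy is identified by a file named geshi.php with those directories as its siblings; find_geshi_extras, demo_tree and the plugin-a/plugin-b paths are constructed for illustration.

```shell
#!/bin/sh
# Added example: list GeSHi docs/ and contrib/ directories under a web root.
# Assumption: a GeSHi copy is identified by a file named geshi.php, with
# docs/ and contrib/ shipped as sibling directories of that file.

find_geshi_extras() {
    root=$1
    # Locate every bundled copy of GeSHi, wherever a plugin has put it.
    find "$root" -type f -name geshi.php 2>/dev/null | while IFS= read -r core; do
        dir=$(dirname "$core")
        for extra in contrib docs; do
            if [ -d "$dir/$extra" ]; then
                printf '%s\n' "$dir/$extra"
            fi
        done
        # example.php is the script named in the developer's reply.
        if [ -f "$dir/contrib/example.php" ]; then
            printf '%s\n' "$dir/contrib/example.php"
        fi
    done
}

# Constructed sample tree: plugin-a bundles all of GeSHi, plugin-b only the core.
demo_tree() {
    t=$(mktemp -d)
    mkdir -p "$t/wp-content/plugins/plugin-a/geshi/contrib" \
             "$t/wp-content/plugins/plugin-a/geshi/docs" \
             "$t/wp-content/plugins/plugin-b/geshi"
    : > "$t/wp-content/plugins/plugin-a/geshi/geshi.php"
    : > "$t/wp-content/plugins/plugin-a/geshi/contrib/example.php"
    : > "$t/wp-content/plugins/plugin-b/geshi/geshi.php"
    printf '%s\n' "$t"
}

# Stand-alone use: pass the web root as the first argument.
if [ -n "${1:-}" ]; then
    find_geshi_extras "$1"
fi
```

An empty result means no bundled GeSHi copy under that root still carries the extra directories.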