Security hole in S9Y - Doomshammer's Weblog

< All I see is blogs | Secured SSH by checking failed logins >

Security hole in S9Y

Posted by Doomshammer on Friday, July 1. 2005 at 21:26 in Anwendungen, Arbeit, English only, Linux/Unix, Privat

Due to a security hole in the s9y weblog software, I just updated to the latest version. The s9y team urges to update as soon as possible. Read more about the issue in the s9y weblog:

S9Y-Weblog: http://blog.s9y.org/archives/36-CRITICAL-BUGFIX-RELEASE-Serendipity-0.8.2.html

Security advisory: http://secunia.com/advisories/15852/

View as PDF: This entry | This month | Full blog

Trackbacks

Trackback specific URI for this entry

Kritische Sicherheitsluecke in s9y 0.8.1
In der Version 0.8.1 von s9y scheint ne entsprechende Luecke im XML-RPC Krams zu sein. Hier werden Daten nicht richtig validiert bevor sie durch eval gejagt werden. Naehere Infos finden sich im Web Developer Blog hier: http://blog.s9y.org/archives/36-C

Weblog: echox's blog
Tracked: Jul 01, 23:57

Bug in Serendipity
Habe grade bei Doomshammer gelesen, dass Serendipity ein Sicherheitsloch hat und es deshalb geupdated. Nur falls sich einer ueber die Downtime gewundert haben sollte..

Weblog: Bho's Blog
Tracked: Jul 02, 12:18

Comments

Display comments as (Linear | Threaded)

No comments

Add Comment

Name
Email
Homepage
In reply to
Comment	Enclosing asterisks marks text as bold (word), underscore are made via _word_. Standard emoticons like :-) and ;-) are converted to images. BBCode format allowed You can use [geshi lang=lang_name [,ln={y\|n}]][/geshi] tags to embed source code snippets. Pavatar/Gravatar/Favatar/MyBlogLog/Pavatar author images supported.
	Remember Information?

View as PDF: This entry | This month | Full blog

Calendar

Quicksearch

Not for Sale!

This blog is not for sale!

Latest twitter

Blog abonnieren

Latest Photos

ERROR: The HTTP server returned the error or the warning(result:403).

Last google searches

powered by SMF 2.0 1 minute funny poems
powered by SMF 2.0 davis weather instruments
powered by SMF 2.0 carnival center for performing arts
powered by SMF 2.0 i heard there was a secret chord

Getaggte Artikel

*grrrr* *lol* *ouch* *sigh* 5d mk ii 5dmkii ad adobe advertisement ajax akismet amazon anniversary api apple application aprils fool bass bbq big brother blackberry blog blogroll blues bobby kimball bsd bugfixes button canon cellphone censorship cgi checkpoint chords christmas cologne comment spam computer concert cover crux D'Oh! database debian desktop dittsche dns doomy's filmtipp dumb dvd ebay encryption enlightenment eos feed feed me filesystem firefox firewall firewall-1 flickr foobar food fotografie friends ftgrf fun funtwo gastronomy tip geolocation google google maps gpg guitar hamburg hannover hardware ibanez internet ipernity iphone ipod ipod touch job john miles keyboard kommentarspam laptop lens lightroom links linux lol loriot mac macbook macos mac os x macro mail math miller anderson mobile mod_security movie music mysql news newsbeuter noos openbsd opensolaris openssh openvpn ordr party perl peter huth pgp phone photo photoblog photography photos piano pixelpost pixlr postgresql pr0n privacy private programming raid rants raw real-life rock rock 'n roll rock legends adventure rss s9y san francisco script scripting security shell sicherheitsgott signature sipgate snow soccer software solaris solaris 10 solaris express song sound spam sparc sql ssh ssl stick stupid summer sun support t-mobile t-shirt talent management telephone test the urge thoughts train training tv unix update upgrade video vimeo vmware voip vpn vpn-1 weather web 2.0 Webmuell der Woche website weihnachten windows winni wlan women work x.org xmas youtube zfs

Buttons

BLOGROLL