Linux Today: Linux News On Internet Time.
Search Linux Today
search.internet.com
Linux News Sections: Blog - Developer - High Performance - Infrastructure - IT Management - Security - Storage -
Linux Today Navigation
LT Home
Preferences
Contribute
Link to Us
Search
Linux Jobs

Become a Marketplace Partner

internet.commerce
Be a Commerce Partner














The Linux Channel at internet.com
Linux Today
Enterprise Linux Today
Apache Today
JustLinux.com
Linux Planet
PHPBuilder
All Linux Devices
Technology Jobs

JustTechJobs.com

LinuxToday Newsletters
Subscribe News
Subscribe PR
Subscribe Security

internet.com
IT
Developer
Internet News
Small Business
Personal Technology
International

Search internet.com
Advertise
Corporate Info
Newsletters
Tech Jobs
E-mail Offers

 

Current Newswire:

Extending Nautilus, Scripting Your Way To UI Bliss

Check Your Mysql Server Performance with MySQLTuner

The Growth of the Newest Kubuntu Support Option

Linux Game "System of Tomorrow" Ships in Two Weeks

Anonymous Proxy Using Squid 3 On CentOS 5.x

Install and Configure Cacti Monitoring Tool in Ubuntu 8.10 (Intrepid Ibex) Server

SimplyMEPIS: The Best Desktop Linux You Haven't Tried

Planning Extensions in TYPO3

How the Linux Kernel Manages Virtual Memory

Make Your BIOS Love Security

Sr. Developer, Backend
Professional Technical Resources
US-OR-Eugene

Justtechjobs.com Post A Job | Post A Resume
:Multiple Unpatched Vulnerabilities in Open Source CMS Mambo
Multiple Unpatched Vulnerabilities in Open Source CMS Mambo
Jan 30, 2008, 19 :30 UTC (0 Talkback[s]) (2399 reads)

"SecurityFocus has on Monday reported vulnerabilities in the open source content management system Mambo, which could be exploited by attackers to view confidential information or compromise a system. Four flaws have been found, and as yet no fix has been issued.

"The mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php script fails to correctly filter the content of the file[NewFile][tmp_name] parameter, so that crafted arguments can be used to delete files such as configuration.php on the server..."

Complete Story

Related Stories:
Infosec Writers: Detecting Botnets Using a Low Interaction Honeypot(Mar 28, 2006)
Netcraft: Hackers Targeting Mambo Security Holes(Mar 10, 2006)
vnunet: Linux Worm Turns on Mambo and PHP(Feb 20, 2006)



No talkbacks posted.
  Home | Search Talkbacks | Customize View    Top of Page  



Enter your comments below:

* Your Name:

* Your Email Address:

* Subject:

CC: [will also send this talkback to an E-Mail address]

* Comments:

Tags allowed:<I>,<B> and <U>. See our talkback-policy for more about talkback content.

Fields marked with * are required!






..............................


All times are recorded in UTC.
Linux is a trademark of Linus Torvalds.
Powered by Linux, Apache and PHP

internet.comearthweb.comDevx.commediabistro.comGraphics.com

Search:

Jupitermedia Corporation has two divisions: Jupiterimages and JupiterOnlineMedia

Jupitermedia Corporate Info

Legal Notices, Licensing, Reprints, Permissions, Privacy Policy.
Advertise | Newsletters | Tech Jobs | Shopping | E-mail Offers

Solutions

Whitepapers and eBooks

Microsoft PDF: Top 11 Reasons to Upgrade to Windows Server 2008
Intel Podcast Transcript: Talking vPro
Avaya Article: Communication-Enabled Mashups: Empowering Both Business Owners and IT
Whitepaper: Building a Real-World Model to Assess Virtualization Platforms
PDF: Intel Centrino Duo Processor Technology with Intel Core2 Duo Processor
Microsoft Article: Will Hyper-V Make VMware This Decade's Netscape?
Go Parallel Article: Q&A with a TBB Junkie
Microsoft Article: BitLocker Encryption on Windows Server 2008
Go Parallel Article: Intel Thread Checker, Meet 20 Million LOC
IBM Whitepaper: Innovative Collaboration to Advance Your Business
   Internet.com eBook: Real Life Rails
IBM eBook: The Pros and Cons of Outsourcing
Internet.com eBook: Best Practices for Developing a Web Site
IBM CXO Whitepaper: The 2008 Global CEO Study "The Enterprise of the Future"
Avaya Article: Call Control XML in Action - A CCXML Auto Attendant
IBM CXO Whitepaper: Unlocking the DNA of the Adaptable Workforce--The Global Human Capital Study 2008
Adobe Acrobat Connect Pro: Web Conferencing and eLearning Whitepapers
HP eBook: Storage Networking , Part 1
MORE WHITEPAPERS, EBOOKS, AND ARTICLES

Webcasts

Podcast: The Pro Platform - Intel vPro Technology
Go Parallel Video: Intel(R) Threading Building Blocks: A New Method for Threading in C++
HP Video: Is Your Data Center Ready for a Real World Disaster?
Microsoft Partner Portal Video: Microsoft Gold Certified Partners Build Successful Practices
HP On Demand Webcast: Virtualization in Action
Go Parallel Video: Performance and Threading Tools for Game Developers
   Rackspace Hosting Center: Customer Videos
Intel vPro Developer Virtual Bootcamp
HP Disaster-Proof Solutions eSeminar
HP On Demand Webcast: Discover the Benefits of Virtualization
MORE WEBCASTS, PODCASTS, AND VIDEOS

Downloads and eKits

Amyuni Download: PDF & XPS Engine for Your .NET and ActiveX Applications
Acresso Download: Try InstallShield 2009
Microsoft Download: Silverlight 2 SDK
30-Day Trial: SPAMfighter Exchange Module
   Red Gate Download: SQL Toolbelt
Iron Speed Designer Application Generator
Microsoft Download: Silverlight 2 Developer Runtime (Windows)
MORE DOWNLOADS, EKITS, AND FREE TRIALS

Tutorials and Demos

Demo: Dual-Core Intel Itanium 2 Processor
IBM IT Innovation Article: Green Servers Provide a Competitive Advantage
   Microsoft Article: Making Designer/Developer Collaboration a Reality
MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES