Old security issue in recent OpenX installations

Together with Florian I have recently investigated a security issue in OpenX where attackers could drop a web shell onto the server. Heise is covering the story. Unfortunately the posting suggests that this is an issue with register_globals set to “on” only, which is NOT the case.

Watch out!

:)


Posted

in

by

Tags:

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.