[geeklog-devel] Vulnerability found in FCKeditor

Oliver Spiesshofer oliver at spiesshofer.com
Thu Oct 11 21:23:22 EDT 2007

Previous message: [geeklog-devel] Vulnerability found in FCKeditor
Next message: [geeklog-devel] Vulnerability found in FCKeditor
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

To that topic,

I am not sure how we are affected.

We are using version 2.3.1, this is reported for 2.4.3. I do not know if
this is also an issue with the older version.
As a temp fix, please set

$Config['Enabled'] = false ;

in the file

/public_html/fckeditor/editor/filemanager/upload/php/config.php

this disables the upload function.

Oliver

Oliver Spiesshofer wrote:

> For those who's japanese is a bit rusty, here the original adisory

>

> http://secunia.com/advisories/27123/

>

> Oliver

>

> geeklog at mystral-kk.net wrote:

>> Hi all,

>>

>> Secunia reports a "Highly critial" vulnerability is found with

>> FCKeditor-2.4.3 (Source:

>> http://www.geeklog.jp/article.php/20071012075725463). How will this

>> affect GL?

>>

>

> _______________________________________________

> geeklog-devel mailing list

> geeklog-devel at lists.geeklog.net

> http://eight.pairlist.net/mailman/listinfo/geeklog-devel

>

>

Previous message: [geeklog-devel] Vulnerability found in FCKeditor
Next message: [geeklog-devel] Vulnerability found in FCKeditor
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the geeklog-devel mailing list