[geeklog-devel] Vulnerability found in FCKeditor

Oliver Spiesshofer oliver at spiesshofer.com
Thu Oct 11 21:23:22 EDT 2007


To that topic,

I am not sure how we are affected.

We are using version 2.3.1, this is reported for 2.4.3. I do not know if 
this is also an issue with the older version.
As a temp fix, please set

$Config['Enabled'] = false ;

in the file

/public_html/fckeditor/editor/filemanager/upload/php/config.php

this disables the upload function.

Oliver

Oliver Spiesshofer wrote:
> For those who's japanese is a bit rusty, here the original adisory
>
> http://secunia.com/advisories/27123/
>
> Oliver
>
> geeklog at mystral-kk.net wrote:
>> Hi all,
>>
>> Secunia reports a "Highly critial" vulnerability is found with
>> FCKeditor-2.4.3 (Source:
>> http://www.geeklog.jp/article.php/20071012075725463).  How will this
>> affect GL?
>>   
>
> _______________________________________________
> geeklog-devel mailing list
> geeklog-devel at lists.geeklog.net
> http://eight.pairlist.net/mailman/listinfo/geeklog-devel
>
>




More information about the geeklog-devel mailing list