TikiWiki and PmWiki in hackers' crosshairs
Security holes in the Wiki systems TikiWiki and PmWiki are in the crosshairs of attackers seeking to build up Bot nets of compromised servers. Alongside IRC Bots, the attacks also place additional hacking tools on the affected servers. The pests then attempt to exploit further vulnerabilities in the Linux kernel so as to elevate their rights and gain complete control over the system, the Internet Storm Center has reported.
Current and potentially older versions of the Wiki software are affected. For PmWiki, as is so often the case, the instantiation of the register_globals PHP option is responsible for the hole; deactivation and then a restart of the web server is sufficient to remedy the problem. More extensive measures are required to make TikiWiki installations secure; that software's developers have provided details in a news bulletin.
- Reports of Bots exploiting pmwiki and tikiwiki, Advisory from the Internet Storm Center
- How you can make your system more secure against those attacks, Recommendation of the TikiWiki developers
(ehe)