Re: Re: [InterN0T] Geeklog 1.5 - Pre-Installation Vulnerabilities

From: peter@peter.com
To: bugtraq@securityfocus.com
Cc:
Subject: Re: Re: [InterN0T] Geeklog 1.5 - Pre-Installation Vulnerabilities
Date:


Hi Dirk,

"
>-:: Solution ::-
>I didn't bother to find one, sorry.

A simple solution is to follow the installation instructions, which
strongly recommend removing the install script after a successful
install. There are also further checks and reminders about this built
into Geeklog.
"
You cant expect your users to do so, then the best way would be to force the webmaster to remove the install scripts before he can use the CMS.

Regards





Copyright © 1995-2018 LinuxRocket.net. All rights reserved.