[Lazarus] Lazarus Forum seems to be hacked!
Matt Shaffer
dazappa.matt at gmail.com
Thu Jan 28 08:55:08 CET 2010
Right, but what I meant was if someone manages to upload their own PHP file
to the lazarus server, they can easily have uploaded a PHP file manager
which has the capability of deleting files, etc, without ever needing
ssh/ftp (this assumes the attack was done through a vulnerable piece of
software, that had write permissions, etc.)
I don't think this scenario is extremely likely.
On Thu, Jan 28, 2010 at 2:42 AM, Florian Klaempfl <florian at freepascal.org>wrote:
> Matt Shaffer schrieb:
> > Well, there doesn't have to be shell/ftp for the person to have access
> > to files ;)
>
> To ssh, you've to hack a vpn first ;)
>
> --
> _______________________________________________
> Lazarus mailing list
> Lazarus at lists.lazarus.freepascal.org
> http://lists.lazarus.freepascal.org/mailman/listinfo/lazarus
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lazarus-ide.org/pipermail/lazarus/attachments/20100128/120555ef/attachment-0004.html>
More information about the Lazarus
mailing list