OJS OCS OMP OHS

You are viewing the PKP Support Forum | PKP Home Wiki



Security vulnerability in Open Conference Systems <= 1.1.6

Are you responsible for making OCS work -- installing, upgrading, migrating or troubleshooting? Do you think you've found a bug? Post in this forum.

Moderators: jmacgreg, michael, John

Forum rules
What to do if you have a technical problem with OCS:

1. Search the forum. You can do this from the Advanced Search Page or from our Google Custom Search, which will search the entire PKP site. If you are encountering an error, we especially recommend searching the forum for said error.

2. Check the FAQ to see if your question or error has already been resolved. Please note that this FAQ is OJS-centric, but most issues are applicable to both platforms.

3. Post a question, but please, only after trying the above two solutions. If it's a workflow or usability question you should probably post to the OCS Conference Support and Discussion subforum; if you have a development question, try the OCS Development subforum.

Security vulnerability in Open Conference Systems <= 1.1.6

Postby kstranac » Fri Oct 20, 2006 11:44 am

A serious security vulnerability has been discovered in the PKP Open Conference Systems (OCS) versions 1.1.6 and prior.

Details are available at:

http://www.securityfocus.com/archive/1/448548/30/30/threaded

A patch is available to correct the problem. You should apply this patch immediately by running

patch -p0 < cumulative.diff

in the ocs installation directory.

Intruders can take advantage of this expoit through privilege escalation to gain control of the hosting server. You should check to see if there have been any logins by privileged users from unauthorized IP addresses in the last week. Also, exploit attempts can be found by searching the logs for requests to theme.inc.php and footer.inc.php with "fullpath" specified as a URL parameter.

This vulnerability does not affect the PKP Open Journal Systems or the PKP Metadata Harvester.

If you have any questions about this exploit, please contact us.

OCS versions 1.1.7 and 2.0 and greater are not affected by this vulnerability.
kstranac
Site Admin
 
Posts: 73
Joined: Wed Sep 21, 2005 3:31 pm

Additional patch

Postby mjordan » Mon Oct 23, 2006 3:55 pm

If you applied the orginal patch released on Oct. 18, you should apply this patch to bring your installation up to date. If you have not previously applied a patch, use the cumulative one linked above.
mjordan
 
Posts: 21
Joined: Wed Mar 17, 2004 10:59 pm
Location: Vancouver, BC, Canada

changelogs

Postby szazs89 » Wed Nov 08, 2006 8:57 am

It seems to me that the changelogs and README file in 1.1.7 is from the 1.1.5 version...

(Btw. what is the best or recommended method for upgrading or applying the changes on an existing installation?)

TIA,
sZs (admin of a screwed up server)
PS: I have also added a .htaccess in the ocs root, containing:

<Files "*.inc.php">
order deny,allow
deny from all
</Files>

This helps to avoid direct http access to the phps to be included.
szazs89
 
Posts: 3
Joined: Tue Jan 17, 2006 6:28 pm


Return to OCS Technical Support

Who is online

Users browsing this forum: No registered users and 2 guests