The LimeSurvey Fund-Raiser 2012 is complete. Thank you for donating a total of 25,000 USD!     List of donors »
Welcome, Guest
Username: Password: Remember me
Forgot your password? Forgot your username?
  • Page:
  • 1

TOPIC: LimeSurvey security advisory 9/4/2009

LimeSurvey security advisory 9/4/2009 1 year 6 months ago #68765

  • c_schmitz
  • c_schmitz's Avatar
  • OFFLINE
  • LimeSurvey Team
  • Posts: 614
  • Thank you received: 71
  • Karma: 77

There has been a issue uncovered with an older LimeSurvey version, namely Version 1.71+.

Type of issue:
A version of FCKeditor (namely 2.6.2) which was used at the time inside the LimeSurvey software appears to have a security issue by that an attacker get access to your files and change these.

Affected LimeSurvey versions:
- LimeSurvey 1.71+ in the range of Build 5245 to 5496  (released around March-April 2008)

Exploits in the Wild:
Unspecified exploit does exist - please refer to this forum topic for further details

Advised solution:
Update to the latest LimeSurvey 1.80+ or later version available from http://www.limesurvey.org

Recommendations:
Check other PHP files on the same webspace for infections of the same kind.

Read more...
Support us, too. Donate to the LimeSurvey project and help keep us going!
The administrator has disabled public write access.
  • Page:
  • 1
Time to create page: 0.164 seconds
Donation Image