Skip to main content

Wordpress: Not Invulnerable Either

By
At least Wordpress will admit to their failings.

... This morning we received a note to our security mailing address about unusual and highly exploitable code in WordPress. The issue was investigated, and it appeared that the 2.1.1 download had been modified from its original code. We took the website down immediately to investigate what happened.

It was determined that a cracker had gained user-level access to one of the servers that powers wordpress.org, and had used that access to modify the download file. We have locked down that server for further forensics, but at this time it appears that the 2.1.1 download was the only thing touched by the attack. They modified two files in WP to include code that would allow for remote PHP execution ...
Labels:

Comments

Post a Comment

Popular posts from this blog

Add A Custom Redirect, If You Change A Post URL

By
When you rename a blog, the most that you can do, to keep the old URL useful, is to setup a stub post , with a clickable link to the new URL. Yo! The blog is now at xxxxxxx.blogspot.com!! Blogger forbids gateway blogs, and similar blog to blog redirections . When you rename a post, you can setup a custom redirect - and automatically redirect your readers to the post, under its new URL. You should take advantage of this option, if you change a post URL.
Post a Comment
Read more

Jump Break Is Visible Only In An Index Page

By
Some blog owners are unsure what a Jump Break looks like, when applied to their blogs. Occasionally, in Blogger Help Forum: Get Help with an Issue , we see the confusion. Where's the Jump Break? or I added a Jump Break to several posts, but it never shows up! When asked for a screen print of what they're seeing, they may provide a image of the post, in the Post Editor Preview window - or possibly, the published post, but in post page view.
Post a Comment
Read more

Leave Comments Here

By
Like any blogger, I appreciate polite comments, when they are relevant to the blog, and posted to the relevant article in the right blog . If you want to ask me a question thats relevant to blogging, but you can't find the right post to start with (I haven't written about everything blogger related, yet, nor the way things are going I don't expect to either), ask your questions here, or leave an entry in my guestbook . As noted above, please note my commenting policy . If you post a comment to this post , I will probably treat it as a "Contact Me" post . If you have an issue that's relevant to any technical issue in the blog, please leave a comment on the specific post , not here. This post is for general comments, and for non posted contact to me. If the form below does not work for you, check your third party cookies setting! For actual technical issues, note that peer support in Blogger Help Forum: Something Is Broken , or Nitecruzr Dot Net - Bloggin...
313 comments
Read more