Wordpress ALERT!

There is a new vulnerability in Wordpress.

http://milw0rm.com/exploits/6

There is no official fix as far as I know, so for now I recommend turning of user registration.

 

What exactly does this vulnerability do? Can you just spell it out for us?

 

that does not look like fun..

 

edit. i read more about it, it looks like they use a backdoor to guess your mysql password through a dictionary attack and then execute shell commands on your server. i guess they could delete your site or do nasty things to it or maybe attack other people.. who knows what these crazy people will do next.

 

It only seems to be for blogs that have user registration enabled.

 

you can delete everything if you guess the username and pass? thats not new?

 

Malicious nerd virgins. God, I hate them.

 

Well simply put what this does is,

It uses a registered user to inject a shell into your server. This shell allows well complete access to your server almost eqivalent to ssh access. However if this fails for some reasons such as Php Safe Mode being enabled, it goes ahead and attempts another exploit which allows it to bruteforce the mysql password.

Most people will wonder what the big deal with guessing the password is. Well on almost all hosting servers mysql only allows access from localhost. So even if you have the password in front of you, you can't do anything with it. This exploit lets you find the mysql password by running a script on the server and then further uses that password to get admin username and password.

And yes, only blogs with user registration enabled are vulnerable, so I recommend turning it off till an official patch is released.

 

I am having problems it says i cannot post anything.

 

What are you having problems with Boydy? Post where? What did you do prior to the problems?

 

It says this "Sorry, you need to enable sending referrers for this feature to work." do you know whats wrong with it tech86?

 

I don't mean they could just delete your blog - they could delete your entire site or do anything that a person with shell access could do. Which for a lot of people is a lot more than just their blog.

 

especially if you're on shared hosting, no?

 

Depends on the access level the exploit can give you, but yeah if youre on shared hosting it could potentially be very very bad.

 

I knew wordpress is bad hehe ..... dirty one there ... consider using something else ... I expect a lot more security flaws

 

I also agree to what mavahntooth is sayn!

 

Don't ever get a server then moq

 

that actually looks like some real fun

 

if anyone tried this tell us your results..

 

Why post that shit on the forums and give it more exposure? Why not just say it's out there rather than to post a god damn script for kiddies to use? Don't get me wrong, I really appreciate the heads up... but posting a link on how to execute the hack is reckless and will only make it worse.

On that note, unless you have a simple to guess password (a dictionary word - which unless your stuck in the 90's you know not to use) then your probably safe even if you allow user registration.

Changing your password to be long and have numbers, letters, and especially odd characters would make it pretty much impossible to crack your server this way.