Dangerous WordPress Exploit Made Public

Although I have not looked into the exploit in detail, the popular online exploit archive Milw0rm contains an exploit that claims to work against multiple versions of WordPress:

# Tested with Wordpress 2.2, 2.2.2, 2.0.5, 2.0.6, 2.1, (…), PHP/5.2.4 for
# Apache 2.0.58 on Gentoo GNU/Linux. magic_quotes on and off for the different
# exploits.

It is interesting to note that BlogSec has recently received a few emails from WordPress users who say their blogs have been compromised. This exploit may be the reason behind this.

The author(s) of the exploit also point out that the popular security website securiteam is running an older, vulnerable version of WordPress:

# == A short advice (for those who desperately need a working brain)
# Due to the recent incidents of people ripping some of our work at Blackhat and
# other *pointless* security conferences, we politely ask you to refrain from
# doing such a mean thing. If you can’t be creative, find a different hobby.
# “DANGER RABBI ROBINSON: INFOWAR!” Gadi Evron, blogs.securiteam.com (WP 2.0.10)
# Trespassers expect career disruption and public humiliation… :)

Considering the results of our 1000 blog vulnerability assessment, we can reasonably assume that over 50% of blogs may be at risk from attack.

BlogSecurity urges bloggers to ensure that they have upgraded to the latest version (2.2.3).


Comments

I know, the mod_sec guide would be handy here... damn this work getting in the way.

The one thing that worries me is that whilst we always say upgrade, upgrade, upgrade, in the case of WordPress it doesn't really prove anything, as every damn release has a new security issue.

It’s about time the developers of WP stood up and admitted they needed help, enough is enough

Really interesting that a security team isn't even using a version near the latest stable (secure) WordPress version. But I can ensure that BlogSec runs with the latest one :), although that may mean nothing about security itself…

Daniel, Phil: This is why defense in depth is so important. As Daniel mentioned, upgrading is a simple step, but there are so many other layers that we need on top of this.

Hopefully the Mod_Sec guide and Phil’s whitepaper will help build up some of these layers.

As for WordPress themselves, a full-blown, carefully laid out SDL is required, methinks.

[...] brought the news this morning that an exploit for WordPress has been made public. Since the toolkit is therefore easily [...]

Dangerous exploit for WordPress is released…

On BlogSecurity they comment that an exploit has been published in an exploit archive called Milw0rm which claims to be able to attack multiple versions of WordPress: 2.2, 2.2.2, 2.0.5, 2.0.6, 2.1, etcetera.

The exploit was tested with PHP 5.2.4, Ap…

[...] the original news item points out that around 50% of blogs run on WordPress are at risk from this [...]

[...] BlogSecurity I learn that an exploit has been published on Milw0rm which allows attacking multiple vulnerabilities [...]

[...] Source: BlogSecurity [...]

[...] solution to this problem, BlogSecurity suggests to those of us bloggers who have our blog set up on this popular CM that we update to the [...]

[...] WordPress 2.3 in Spanish Exploit released Original news item about the exploit [...]
