First WP 2.3 Dexter Vulnerability

Posted by DK
October 17, 2007

Andrea informed BlogSecurity earlier today of a Blogroll Spam vulnerability that is being exploited in the wild that may allow an attacker to flood your blogroll with any number of spam links.

This vulnerability affects previous versions of WordPress. To our knowledge this is the first public vulnerability for WordPress 2.3 Dexter.

The "wp-admin/link.php" script does not check the permissions of the user before adding a new Blogroll link. A fixed links.php file has been made available which addresses the problem and is available here.

Backup your link.php file and then replace it with the patched version found at the above link. The fixed version adds this simple code change: 

if ( ! current_user_can('manage_links') )
	wp_die( __('You do not have sufficient permissions
                         to edit the links for this blog.') );

WordPress BlogWatch will be updated shortly to reflect this new vulnerability.

Advisories, WordPress

Random Posts

If you enjoyed this post, please leave a comment or subscribe to the feed and get future articles delivered to your feed reader.

Comments
Comment by Marnem on October 17, 2007 @ 4:30 pm

The file is to be found as “wp-admin/link.php”, not “wp-admin/links.php”.

Pingback by Sicherheitslücke in Wordpress 2.1 bis inklusive 2.3 (Massiv!!!) — Marnems Sicht der Dinge on October 17, 2007 @ 4:32 pm

[...] ich gerade auf Blogsecurity.net lese, gibt es einen massiven Bug in Wordpress. Für das Management der Blogroll ist die [...]

Comment by David Kierznowski on October 17, 2007 @ 4:37 pm

Marnem, thanks for that, the post has been corrected.

Trackback by -=Discobeats=- on October 17, 2007 @ 6:34 pm

[WordPress] Erster Exploit für 2.3…

So alt ist die Version 2.3, aka Dexter, von WordPress noch garnicht, da gibt es schon den ersten Exploit.

Pingback by Sicherheitsl on October 18, 2007 @ 1:42 am

[...] Via Blogsecurity.net. [...]

Pingback by Lustige Blogrolls on October 18, 2007 @ 6:44 am

[...] dank Sicherheitslücke. [...]

Pingback by Wordpress Vulnerability (v 2.1-2.3!) » article » Marcs Blog on October 18, 2007 @ 11:52 am

[...] to the guys over at blogsecurity I now know that there is a new vulnerability for wordpress in the wild. The [...]

Pingback by Krieg ist Frieden. Freiheit ist Sklaverei. Unwissenheit ist Stärke. | F!XMBR on October 18, 2007 @ 3:28 pm

[...] First WP 2.3 Dexter Vulnerability Das hat ja diesmal lange gedauert… [...]

Pingback by Just Ronni… » Blog Archive » Sicherheitslücke in Wordpress 2.3 Dexter on October 18, 2007 @ 7:35 pm

[...] Informationen unter: Blogsecurity.net addthis_url = ‘http%3A%2F%2Fwww.just-ronni.de%2Fsicherheitsluecke-in-wordpress-23-dexter%2F’; [...]

Pingback by This and That on October 19, 2007 @ 1:24 am

[...] Sicherheitslücke in Wordpress durch die sich die Blogroll zuspammen lässt. Das ist mal eine witzige Sicherheitslücke. Zumindest [...]

Pingback by Primer Bug en el Wordpress 2.3 | La WeB de DragoN on October 19, 2007 @ 6:18 am

[...] la noticia en varios blogs que visito a diario (I II III IV V) sobre una nueva vulnerabilidad que afecta a todas las versiones de Wordpress incluida [...]

Pingback by Webrocker » Wordpress Blogroll Spam Exploit on October 19, 2007 @ 7:22 am

[...] ist eine neue Lücke in Wordpress aufgetaucht, die es möglich macht, dass fremde Links in die Blogroll eingebaut [...]

Pingback by » Wordpress: Sicherheitslücke BlogRoll-Spam :: sansegundo.de on October 19, 2007 @ 12:52 pm

[...] Weitere Informationen zum Thema findet ihr hier. [...]

Pingback by blog von point-art » Blogroll-Sicherheitslücke in Wordpress » webstandards etc. on October 19, 2007 @ 1:43 pm

[...] Eine Sicherheitslücke in Wordpress wurde entdeckt, mit der sich die Blogroll erweiteren läßt. [...]

Pingback by AWSOM.org = Artist Website Setup Options Markup » Blog Archive » First Wordpress 2.3 vulnerability found, same for earlier versions on October 24, 2007 @ 1:45 pm

[...] vulnerability is already being exploited by spammers. An explanation and a fixed file can be found here until a new point release of Wordpress is available. This issue apparently also affects older [...]

Pingback by Tom’s TamTam » Achtung: Kritische Sicherheitslücke bei der Blogroll von Wordpress 2.1 - 2.3 on October 24, 2007 @ 5:45 pm

[...] habe ich hier und hier über eine Sicherheitslücke in der Blogroll Funktion von Wordpress, welche gehandelt wird [...]

Pingback by   WordPress 2.3.1 推出 by BloggingPro China on October 27, 2007 @ 3:15 am

[...] 修正了链接导入的安全漏洞 [...]

Pingback by sytao personal blog » Blog Archive » wordpress 2.3.1 on October 27, 2007 @ 7:54 am

[...] 修正了链接导入的安全漏洞 [...]

Pingback by iKA’s Blog » WordPress 2.3.1 on October 28, 2007 @ 12:12 am

[...] endlich die “wp-admin/link.php” gegen den Exploid, der bereits vor einigen Tagen auf BlogSecurity bekannt gemacht worden war, abgesichert. Die komplette Liste ist hier [...]

Pingback by Sistaweb » Sicherheitslücke bei Wordpress on November 21, 2007 @ 1:13 pm

[...] dazu und die Lösung des Problems gibt es bei Blogsecurity. [...]

Pingback by Primera vulnerabilidad en Wordpress 2.3 | Oscar Martin Blog 2.0 on August 8, 2008 @ 5:59 pm

[...] Fuente: BlogSecurity.net [...]

Leave a comment

(required)

(required)