WordPress 2.6.1 Weak Entropy Vulnerability
iso^kpsbr has discovered a vulnerability that may allow an external attacker to gain admin access to WordPress 2.6.1.
WordPress is prone to a weakness in the entropy of generated passwords. Successfully exploiting this issue may allow an attacker to guess randomly generated passwords. WordPress 2.6.1 is vulnerable; other versions may also be affected.
The original advisory and proof-of-concept exploit are available on SecurityFocus.
Comments
It's not about entropy; it's just an exploit for the “SQL Column Truncation” bug that was fixed in the latest WordPress version (2.6.2). See http://wordpress.org/development/2008/09/wordpress-262/
DK
It's worth mentioning that in the case of this vulnerability (for both the SQL Column Truncation exploit and the Admin Takeover exploit) only sites with open registration are affected. So any WP site with open registration is at risk and needs to be updated to the new version of WordPress.
I don't see why people have open registration on their WordPress blogs anyway. You can install a captcha to keep the comment spammers away.
It's important to note that this is a general PHP issue, not something that is specific or unique to WordPress:
http://www.suspekt.org/2008/08/17/mt_srand-and-not-so-random-numbers/
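To make the entropy point from the advisory and the mt_srand discussion linked above concrete, here is an added example (editor's illustration, not WordPress code and not from the linked post) contrasting a password generator seeded from a low-entropy value with one built on PHP's CSPRNG. The weak generator's structure and the `weak_password`/`strong_password` names are assumptions for illustration only; the page does not describe WordPress's actual generator.

```php
<?php
// Weak: mt_rand() is a deterministic PRNG. If the seed comes from a
// low-entropy source (e.g. a timestamp or process id), every password
// derived from it is reproducible by anyone who can guess the seed.
function weak_password(int $length, int $seed): string {
    mt_srand($seed);                      // low-entropy seed, assumed for illustration
    $alphabet = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
    $out = '';
    for ($i = 0; $i < $length; $i++) {
        $out .= $alphabet[mt_rand(0, strlen($alphabet) - 1)];
    }
    return $out;
}

// Strong: random_int() (PHP 7+) draws from the OS CSPRNG; there is no
// application-controlled seed, so two calls cannot be made to agree.
function strong_password(int $length): string {
    $alphabet = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
    $out = '';
    for ($i = 0; $i < $length; $i++) {
        $out .= $alphabet[random_int(0, strlen($alphabet) - 1)];
    }
    return $out;
}

// Defender's check: a generator that returns the same password for the
// same seed has no entropy beyond the seed itself (constructed seed value).
$seed = 1220000000;
echo "weak #1: " . weak_password(12, $seed) . PHP_EOL;
echo "weak #2: " . weak_password(12, $seed) . PHP_EOL;   // identical to weak #1
echo "strong:  " . strong_password(12) . PHP_EOL;         // differs on every run
```

Any password or reset token that must be unguessable should come from `random_int()`/`random_bytes()`, never from `mt_rand()`/`rand()`, regardless of how the seed was chosen.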