Comments on: WordPress 2.6.1 Weak Entropy Vulnerability http://blogsecurity.net/wordpress/wordpress-261-weak-entropy-vulnerability Always something worth reading... Fri, 12 Mar 2010 11:09:45 +0000 http://wordpress.org/?v= hourly 1 By: Jim http://blogsecurity.net/wordpress/wordpress-261-weak-entropy-vulnerability/comment-page-1#comment-14175 Jim Tue, 07 Oct 2008 14:43:53 +0000 http://blogsecurity.net/wordpress/wordpress-261-weak-entropy-vulnerability/#comment-14175 I don't see why people have open registration on their wordpress blogs anyways. You can install captcha you sway away the comment spammers. I don’t see why people have open registration on their wordpress blogs anyways. You can install captcha you sway away the comment spammers.

]]> By: MustLive http://blogsecurity.net/wordpress/wordpress-261-weak-entropy-vulnerability/comment-page-1#comment-13612 MustLive Fri, 12 Sep 2008 01:27:45 +0000 http://blogsecurity.net/wordpress/wordpress-261-weak-entropy-vulnerability/#comment-13612 <strong>DK</strong> It's worth to be mentioned that in case of this vulnerability (in both SQL Column Truncation exploit and Admin Takeover exploit) are affected only sites with open registration. So any WP site with open registration is in risk and needs to be updated to new version of WordPress. DK

It’s worth to be mentioned that in case of this vulnerability (in both SQL Column Truncation exploit and Admin Takeover exploit) are affected only sites with open registration. So any WP site with open registration is in risk and needs to be updated to new version of WordPress.

]]> By: dt http://blogsecurity.net/wordpress/wordpress-261-weak-entropy-vulnerability/comment-page-1#comment-13610 dt Thu, 11 Sep 2008 16:08:35 +0000 http://blogsecurity.net/wordpress/wordpress-261-weak-entropy-vulnerability/#comment-13610 Is not about entropy, is just an exploit for "SQL Column Truncation" bug that was fixed in latest wordpress versiorn (2.6.2) See http://wordpress.org/development/2008/09/wordpress-262/ Is not about entropy, is just an exploit for “SQL Column Truncation” bug that was fixed in latest wordpress versiorn (2.6.2) See http://wordpress.org/development/2008/09/wordpress-262/

]]> By: Joseph Scott http://blogsecurity.net/wordpress/wordpress-261-weak-entropy-vulnerability/comment-page-1#comment-13609 Joseph Scott Thu, 11 Sep 2008 14:47:39 +0000 http://blogsecurity.net/wordpress/wordpress-261-weak-entropy-vulnerability/#comment-13609 It's important to note that this is a general PHP issue, not something that is specific or unique to WordPress: http://www.suspekt.org/2008/08/17/mt_srand-and-not-so-random-numbers/ It’s important to note that this is a general PHP issue, not something that is specific or unique to WordPress:

http://www.suspekt.org/2008/08/17/mt_srand-and-not-so-random-numbers/

]]>