[wp-hackers] FW: [BugTraq] WordPress v2.1.3 >> remote file include~

Robin Adrianse robin.adr at gmail.com
Thu Apr 26 02:14:36 GMT 2007 

I believe this report is not legitimate. I can't reproduce, nor can I find
any code that might actually do what the bug report is suggesting.

On 4/25/07, Chris Meller <chris at doesnthaveone.com> wrote:
>
> Yeah, I don't really see what's supposed to happen here either...
>
>
> On Apr 25, 2007, at 9:55 PM, Aaron Brazell wrote:
>
> > Perhaps I'm missing something here, but I can't duplicate on 2.1.3
> > or trunk...
> > --
> > Aaron Brazell
> > Director of Technology, b5media
> > "A Global New Media Company"
> >
> > web:: www.b5media.com, www.technosailor.com
> > phone:: 410-608-6620
> > skype:: technosailor
> >
> >
> >
> >
> > On Apr 25, 2007, at 9:37 PM, Ross M. W. Bennetts wrote:
> >
> >> -----Original Message-----
> >> From: s433d_only_linux at yahoo.de [mailto:s433d_only_linux at yahoo.de]
> >> Sent: Wednesday, 25 April 2007 6:18 PM
> >> To: bugtraq at securityfocus.com
> >> Subject: WordPress v2.1.3 >> remote file include~
> >>
> >> by : www.hackeraz.ir userz , saeid...
> >> ++++++++++++++++++++++++++++++++++++
> >> ####################################################
> >> #WordPress >> 2.1.3         Remote File Inclusion  #
> >> ####################################################
> >> Affected Software .: WordPress >> 2.1.3            #
> >> Download..: http://wordpress-deutschland.org       #
> >> Risk ..............: high                          #
> >> Date .........: 25/4/2007                          #
> >> Found by ..........: s433d_only_linux              #
> >> Contact ...........: s433d_only_linux at yahoo.de     #
> >> Web .............: Www.hackerz.ir                  #
> >> special thanx ........... Ali Jasbi my beste friend#
> >> ####################################################
> >> Affected File:                                     #
> >> wordpress/wp-settings.php                             #
> >> wordpress/wp-includes/template-loader.php             #
> >> wordpress/wp-includes/theme.php                         #
> >> ####################################################
> >> Exploit:
> >> wordpress/wp-settings.php?require_once=shell?
> >> wordpress/wp-includes/template-loader.php?include=shell?
> >> wordpress/wp-includes/theme.php?require_once=shell?
> >> ######################################################
> >>
> >> _______________________________________________
> >> wp-hackers mailing list
> >> wp-hackers at lists.automattic.com
> >> http://lists.automattic.com/mailman/listinfo/wp-hackers
> >
> > _______________________________________________
> > wp-hackers mailing list
> > wp-hackers at lists.automattic.com
> > http://lists.automattic.com/mailman/listinfo/wp-hackers
>
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>

More information about the wp-hackers mailing list