[wp-forums] vuln

Vicki Frei vkaryl at allvantage.com
Sun Aug 14 02:14:29 GMT 2005


Okay, my host finally got back to me today about this, and yes,
Below10host ALSO has this enabled by default.  So could one of you
bright folks explain to me (preferably in words of LESS than one
syllable!) how to go about adding the referenced line into .htaccess?
I really haven't a clue.... I don't normally use .htaccess....  I have
a couple of totally blank ones in various directories....

Thanks -

V



Scott Merrill wrote:

> Perl and PHP code exists to automatically exploit vulnerable WP 
> 1.5.1.3 sites, allowing the attacker to (try to) execute code on the 
> victim's account.
>
> The user agent used in the code I've reviewed is:
> User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)\r\n
> which sucks, because that's a real user agent.  You could take the 
> extreme position of rejecting all access from that user agent, but 
> you'll exclude a lot of real visitors, too.
>
> Likewise, the attack uses a plain ol' HTTP GET request, instead of 
> POST, further complicating our defense strategies.
>
> The code leverages wp_filter[query_vars].  Is there something specific 
> that we can suggest _right now_ for people to do in their blog's code 
> to help protect them?
>
> Certainly `php_flag register_globals off` in .htaccess is one step; 
> but I would really like to offer as complete a solution as possible: 
> security in depth.
>
> I want to construct a sticky forum post _officially_ responding to the 
> issue, describing the problem, and providing as complete a solution as 
> possible for users _right now_.
>
> Thanks,
> Scott
>
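
Added example (not part of the original thread, and not WordPress project code): a small shell script that puts the `php_flag register_globals off` line quoted above into a .htaccess file, whether the file is blank, missing, or already has other content. The function name and the .bak backup are this example's own choices; it assumes PHP runs as an Apache module and that the host permits php_flag in .htaccess.

```shell
#!/bin/sh
# Added example, not from the thread: put "php_flag register_globals off"
# into a .htaccess file exactly once, keeping every other line.
# Assumption: PHP runs as an Apache module and the host allows php_flag in
# .htaccess (AllowOverride Options or All). Under CGI the directive is
# unknown to Apache and every request returns a 500 error; restore the
# .bak copy if that happens.

DIRECTIVE='php_flag register_globals off'
# Matches any existing php_flag/php_value setting for register_globals.
OLD_SETTING='^[[:space:]]*php_(flag|value)[[:space:]]+register_globals([[:space:]]|$)'

# harden_htaccess FILE  (function name is this example's own)
harden_htaccess() {
    file=$1
    tmp="$file.tmp.$$"

    # A missing or totally blank .htaccess is fine: start from an empty file.
    [ -e "$file" ] || : > "$file" || return 1
    # Keep the first pre-change copy; do not overwrite it on later runs.
    [ -e "$file.bak" ] || cp -p "$file" "$file.bak" || return 1

    # Drop old register_globals lines (for example a stray "on").
    # grep exits 1 when nothing is left to print, which is not an error here.
    grep -v -i -E "$OLD_SETTING" "$file" > "$tmp" || [ $? -eq 1 ] ||
        { rm -f "$tmp"; return 1; }

    printf '%s\n' "$DIRECTIVE" >> "$tmp"

    # Write back through the original file so its owner and mode survive.
    cat "$tmp" > "$file" && rm -f "$tmp"
}

# Usage: sh harden_htaccess.sh /path/to/blog/.htaccess
for f in "$@"; do
    harden_htaccess "$f" || exit 1
done
```

Running it a second time leaves the file unchanged, so it is safe to apply to every directory that has its own .htaccess.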


