[wp-forums] Exploit report
TechGnome
tg at tannagh.com
Fri May 26 19:13:09 GMT 2006
good idea, done, sort of. I left the thread, but removed the link.
I'm including the original posting in this email for archival reasons
(in case we need to get back to the link later.
=======
I got this information from some forum, they said there is shell
injection on wp 2.0.2, and they give me link site that had the shell
injecton script.
the uri is www.m ilw0r m.com/ex ploits /6
There will be a update for wp 2.0.2? thanks for your attentions.
=======
-tg
Petit wrote:
> TechGnome wrote:
>> Broke it.... but should we remove it, close the thread and/or possibly
>> delete it? Don't want to sound like chicken little here, but we also
>> want to be cautious until we know the true extent of the allegation.
>>
>> -tg
> Yes - kill it and replace with a message that the possible exploit is
> checked by security personnel.
> The link goes directly to a PHP file, which you ca easily load in a
> browser.
> It contains some explanation of the vulnerability, if there really is one.
> Clicking such a link is no danger per se, but spreading the word might be.
>
> /Petit
>>
>> Les Bessant wrote:
>>> http://wordpress.org/support/topic/73845?replies=2#post-385157
>>>
>>> Probably worth someone breaking that link, in case it is real.
>>>
>>> _____ Les Bessant les at lcb.me.uk
>>> Losing it[1] <http://lcb.me.uk/losingit/>
> _______________________________________________
> wp-forums mailing list
> wp-forums at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-forums
More information about the wp-forums
mailing list