[wp-hackers] WP security breach-- may be my fault, may not be
Roy Schestowitz
r at schestowitz.com
Wed May 10 13:53:52 GMT 2006
___/ On Wed 10 May 2006 05:29:11 BST, [ David Chait ] wrote : \___
> Eric A. Meyer wrote:
> | I dunno. That's why I brought it up here, just in case there was
> | a previously unknown vulnerability.
> and
> | Unless of course whatever they're doing isn't solved by the latest
> | version. I'm assuming that all this isn't an obvious example of a
> | widely known problem with the 1.5x series, though.
In the meantime, one safe(r) approach might be to chmod 600 edit.php
whenever you do not modify content. This will have future cracking
attempts logged (unlike IP-based banishment) and prevent your site from
being defaced.
> If you really feel that's the case, and there's been no evidence to the
> contrary, then I'd recommend we stop this thread, you remove the pastebin
> stuff, and contact the security list. Just IMHO from other similar recent
> discussions where that was the end suggestion...
I believe it's a distribution rather than a list. An E-mail to
security at wordpress.org will reach Matt, Ryan and the others, once there is
proof to suggest a threat has become concrete. Possibilities to confute a
hole as it stands: weak admin password; code modification (including
plug-ins); packet sniffing/interception that led to content being
injected.
Best wishes,
Roy
--
Roy S. Schestowitz, Ph.D. Candidate (Medical Biophysics)
http://Schestowitz.com | Open Prospects ¦ PGP-Key: 0x74572E8E
2:40pm up 12 days 21:37, 8 users, load average: 0.19, 0.30, 0.28
http://iuron.com - knowledge engine, not a search engine
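
Added example, not part of the original message: one way to pull the logged attempts mentioned above out of a web server access log. It assumes the server answers requests for the unreadable edit.php with HTTP 403 and writes Apache combined-format lines; the log lines, addresses and paths below are constructed samples.

```python
import re
from collections import Counter

# Apache "combined" format: host ident user [time] "request" status size ...
LINE_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) '
)

def denied_edit_requests(lines, script="edit.php"):
    """Return (host, time, method, target) for each 403 response on `script`."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m.group("status") != "403":
            continue  # unparsable line, or the request was not refused
        path = m.group("target").split("?", 1)[0]  # drop the query string
        if path.rsplit("/", 1)[-1] == script:      # compare the file name only
            hits.append((m.group("host"), m.group("time"),
                         m.group("method"), m.group("target")))
    return hits

def summarize(hits):
    """Count refused requests per client address, most active first."""
    return Counter(h[0] for h in hits).most_common()

# Constructed sample log (documentation address ranges, assumed paths).
SAMPLE_LOG = [
    '192.0.2.10 - - [10/May/2006:13:01:02 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [10/May/2006:13:05:40 +0000] "POST /wp-admin/edit.php HTTP/1.1" 403 289 "-" "-"',
    '198.51.100.7 - - [10/May/2006:13:05:44 +0000] "GET /wp-admin/edit.php?p=12 HTTP/1.1" 403 289 "-" "-"',
    # Owner had restored read access while editing, so this one was served:
    '203.0.113.5 - - [10/May/2006:13:09:13 +0000] "GET /wp-admin/edit.php HTTP/1.1" 200 8842 "-" "Mozilla/5.0"',
    # Refused, but a different script, so it is not counted:
    '203.0.113.9 - - [10/May/2006:13:10:00 +0000] "GET /wp-admin/post.php HTTP/1.1" 403 289 "-" "-"',
]

if __name__ == "__main__":
    for host, count in summarize(denied_edit_requests(SAMPLE_LOG)):
        print(f"{host}: {count} refused request(s) for edit.php")
```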