[wp-hackers] SQL injection signaled but no info about it.. fake
or thruth?
DD32
wordpress at dd32.id.au
Wed Apr 16 06:58:33 GMT 2008
I've seen it, But i've not been able to locate any information about it.
Granted i've not seen any security at wordpress.org emails, so devs *may* be
aware of something.
There was a recent commit which added more prepared queries:
http://trac.wordpress.org/changeset/7645 theres a few in there related to
comments, But i think they're all escaped correctly allready.
"Attackers can use a browser to exploit these issues." also means there's
only 3 main forms of attack, The Commentor name, The Commentors URL, and
the actual comment, I took a quick look at them, and they seemed to be
escaped ok for me.
I have a feeling if there is indeed a problem, that its probably something
to do with Custom Database collations/charsets & WP not being able to
escape them fully, there was a previous SQL injection which used something
like that IIRC.
Take this message with a grain of salt of course, I'm no dev, Nor would i
not be supprised if i missed something basic when looking over it.. But
honestly, If there *was* a huge problem, then 2.5.1 most likely would've
been rolled out faster, and there'd be many commits trying to get
everything else thats wanted to be fixed in 2.5.1 done..
Just my 5c (Rounded up of course :P)
On Wed, 16 Apr 2008 15:53:32 +1000, Stefano Aglietti <steagl4ml at gmail.com>
wrote:
> http://www.securityfocus.com/bid/28703/info
>
> Talks about a possibile SQL injection exploit in comment form, there
> is no info neither example of the bug.
>
> SHould be trye? In this case 2.5.1 need to be released immediatly if
> not maybe some official words will help cause you know how the net
> like to talk bad about WP if there is a chanche to do :)
>
More information about the wp-hackers
mailing list