[wp-hackers] Mysql.com cracked, possible bad PR for WordPress

Vid Luther vid at zippykid.com
Wed Mar 30 13:21:40 UTC 2011

So, security lists are going to have a field day with this one, and I wanted to help this community  get ahead of it.

First see http://seclists.org/fulldisclosure/2011/Mar/309?utm_source=twitterfeed&utm_medium=twitter


http://pastebin.com/raw.php?i=BayvYdcP (the end of this link may be NSFW, depending on where you work).

A knee jerk reaction I'm seeing in channels is that it's WordPress' fault, it's easy to blame, but it may be more a case of a known 
exploit not being patched, I'm not aware of any SQL injection vulnerabilities in the past year though. 

Here's wishing them all luck, and a reminder to all of you to update your installs, including PHP/apache etc :).

More information about the wp-hackers mailing list