Wordpress Exploit and Dreamhost

Added: http://trac.wordpress.org/changeset/5570 (not a patch but a fix)

If you have the last unpatched WordPress 2.2, there is a problem in the XML-RPC module: anyone with a valid username and password can use an SQL injection exploit. The common usage has been adding hidden links into the template once control of your blog has been lost to the bad guys.

Also, Dreamhost leaked 3500 FTP usernames and passwords, so if you have WP or are hosted on Dreamhost:

a) Check your source code for hidden links that aren’t yours ;)
b) Check the .htaccess file for any odd entries, like a 310 to the bad guys’ site on your ranking pages
c) Check your robots.txt… yes, some idiots think it’s funny to hack your server and block all spiders!!
d) Check for proxy scripts that may have been installed on your server

DaveN
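
Checks a) to d) as a read-only script, added here as an example and not code from the original post. The regexes are heuristics chosen for this illustration, and `myblog.example` plus the `SAMPLE` file contents are constructed.

```python
import os, re
from urllib.parse import urlparse
# Heuristic patterns (assumptions of this example): a hit means "review by hand", not proof.
HIDDEN = re.compile(r'<(\w+)[^>]*style\s*=\s*["\'][^"\']*(?:display\s*:\s*none|visibility\s*:\s*hidden'
                    r'|(?:left|top|text-indent)\s*:\s*-\d{3,})[^"\']*["\'][^>]*>.*?</\1>', re.I | re.S)
HREF = re.compile(r'href\s*=\s*["\'](https?://[^"\']+)', re.I)
REDIRECT = re.compile(r'^[ \t]*(?:Redirect\w*|RewriteRule)\b.*?(https?://\S+)', re.I | re.M)
PROXY = re.compile(r'(?:curl_init|file_get_contents|fopen)\s*\(\s*\$_(?:GET|POST|REQUEST)\b', re.I)

def foreign(url, own):                   # True when the host is neither ours nor a subdomain
    return not ('.' + (urlparse(url).hostname or '')).endswith('.' + own)

def blocks_all_spiders(robots):          # check c: "Disallow: /" in a group that covers "*"
    star = ua_run = False
    for line in robots.splitlines():
        key, _, val = (s.strip() for s in line.split('#')[0].partition(':'))
        if key.lower() == 'user-agent':  # consecutive User-agent lines share one group
            star, ua_run = val == '*' or (ua_run and star), True
        elif key:
            ua_run = False
            if key.lower() == 'disallow' and star and val == '/':
                return True
    return False

def check(name, text, own):              # findings for one file as (check, detail) pairs
    if name == '.htaccess':              # check b: redirects that leave the site
        return [('redirect', u) for u in REDIRECT.findall(text) if foreign(u, own)]
    if name == 'robots.txt':
        return [('robots', 'Disallow: / for all agents')] if blocks_all_spiders(text) else []
    hits = [('hidden-link', u) for m in HIDDEN.finditer(text)   # check a: invisible off-site links
            for u in HREF.findall(m.group(0)) if foreign(u, own)]
    return hits + [('proxy?', m.group(0)) for m in PROXY.finditer(text)]  # check d

def scan(root, own):                     # walk a web root, yielding (path, check, detail)
    for d, _, names in os.walk(root):
        for n in names:
            if n in ('.htaccess', 'robots.txt') or n.endswith(('.php', '.html', '.htm')):
                with open(os.path.join(d, n), errors='replace') as fh:
                    yield from ((fh.name, *hit) for hit in check(n, fh.read(), own))

SAMPLE = {  # constructed file contents, not taken from any real site
    '.htaccess': 'RewriteRule ^top$ http://spam.example/ [R,L]\nRedirect /old http://www.myblog.example/new\n',
    'robots.txt': 'User-agent: *\nDisallow: /\n',
    'footer.php': '<div style="display:none"><a href="http://pills.example/">x</a></div>'
                  '<a href="http://friend.example/">ok</a>',
    'img.php': '<?php echo file_get_contents($_GET["u"]);',
}
if __name__ == '__main__':
    for name, text in SAMPLE.items():
        print(name, check(name, text, 'myblog.example'))
```

To run it against a live install, call `scan('/path/to/webroot', 'yourdomain')` and compare the hits with a known-good copy of the theme and WordPress core files.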


5 Comments

  1. Adam | June 7th 2007 @ 10:09 am

    What’s the deal with this? Is there a new version of WordPress that fixes the exploit or does it only affect versions prior to 2.2?

  2. gabs | June 7th 2007 @ 12:18 pm
  3. Steve Johnson | June 8th 2007 @ 12:40 am

    This is why I only use http://www.made2own.com for all of my hosting needs. Made2Own takes security very seriously, and their support is incredible. You guys should definitely give them a look.

  4. Bill | June 8th 2007 @ 9:41 pm

    Thanks for mentioning this–I’ll definitely take a look at all of my WP installations.

  5. Mylo | January 31st 2008 @ 11:36 pm

    Thanks for this useful article, it will help me on my WP installations.
