From: Juha-Matti Laurio (juha-matti.laurionetti.fi)
Date: Tue Nov 20 2007 - 14:03:32 CST
This has been CVE-2007-6013 since 19th Nov, including WordPress ticket #5367:
"Steven J. Murdoch" <fulldisc+Steven.Murdochcl.cam.ac.uk> wrote:
>On Tue, Nov 20, 2007 at 07:08:36PM +0100, Stefan Esser wrote:
>>Could you elaborate why you consider this news? Most public SQL
>>injection exploits for Wordpress use this cookie trick.
>I couldn't find it on the Wordpress bug tracker and when I mentioned
>it to the Wordpress security address, they did not mention having
>heard of it before. I also couldn't find a detailed explanation of the
>problem online, nor in the usual vulnerability databases. Blog
>administrators, like me, therefore risk sites being compromised
>because they didn't realize the problem.
>It seemed intuitive to me that restoring the database to a known good
>state would be adequate to recover from a Wordpress compromise
>(excluding guessable passwords). This is the case with the UNIX
>password database and any similarly implemented system. Because of the
>vulnerability I mentioned, this is not the case for Wordpress.
>So I also thought it important to describe the workarounds, and fixes.
>If these were obvious, Wordpress would have already applied them. Some
>commenters did not think that the current password scheme needs to be,
>or can be improved, despite techniques to do so being industry
>standard for decades. Clearly this misconception needs to be
>I did mention that this was being exploited, so obviously some people
>already know about the problem, but not the right ones. Before I sent
>the disclosure, there was no effort being put into fixing the problem.
>Now there is. Hopefully blog administrators will also apply the
>work-arounds in the meantime.
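As an added illustration of the point Murdoch makes above (not code from this thread or from WordPress): a simplified model in which the login cookie is derived only from the stored password hash, so anyone who has read the users table can authenticate, and restoring the table from a known good backup changes nothing; beside it a scheme where cookies are bound to a secret kept outside the database, so a copy of the table alone is not enough and rotating the secret invalidates outstanding cookies. The hash functions, table layout and names are assumptions chosen for the model, not WordPress's actual implementation.

```python
import hashlib
import hmac
import secrets

# Constructed for this example: the secret lives in server config, never in the DB.
SERVER_SECRET = secrets.token_bytes(32)

def weak_hash(password):
    # Unsalted MD5 as a stand-in for the scheme criticised in the thread (assumption).
    return hashlib.md5(password.encode()).hexdigest()

def weak_cookie(stored_hash):
    # Cookie value is computed from nothing but what the users table stores.
    return hashlib.md5(stored_hash.encode()).hexdigest()

def weak_check(db, user, cookie):
    return user in db and hmac.compare_digest(cookie, weak_cookie(db[user]))

def strong_hash(password, salt=None):
    # Salted, iterated hash: a DB copy yields neither the password nor a cookie.
    salt = salt or secrets.token_bytes(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
    return salt.hex() + "$" + dk.hex()

def strong_cookie(user, secret):
    # Cookie is a MAC over the username under a secret that is not in the DB.
    return hmac.new(secret, user.encode(), "sha256").hexdigest()

def strong_check(db, user, cookie, secret):
    return user in db and hmac.compare_digest(cookie, strong_cookie(user, secret))

def restore_recovers_weak():
    """Does restoring the table from backup invalidate a cookie built from a
    leaked hash?  Returns True if the stale cookie still validates (it does:
    the restored row carries the same hash it did before)."""
    db = {"admin": weak_hash("correct horse")}
    backup = dict(db)                      # the "known good state"
    stale = weak_cookie(db["admin"])       # built from the table contents only
    db = dict(backup)                      # restore the table
    return weak_check(db, "admin", stale)  # True: restore did not help

def db_copy_suffices_strong():
    """Can a holder of the table, but not SERVER_SECRET, produce a valid
    cookie?  The best they can do is MAC under a guessed key."""
    db = {"admin": strong_hash("correct horse")}
    guess = hmac.new(b"", b"admin", "sha256").hexdigest()
    return strong_check(db, "admin", guess, SERVER_SECRET)  # False

def rotation_invalidates():
    """A valid cookie before rotation, and the same cookie after the server
    secret is replaced; recovery here is a config change, not a DB restore."""
    db = {"admin": strong_hash("correct horse")}
    cookie = strong_cookie("admin", SERVER_SECRET)
    new_secret = secrets.token_bytes(32)
    return (strong_check(db, "admin", cookie, SERVER_SECRET),
            strong_check(db, "admin", cookie, new_secret))   # (True, False)
```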
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/