Threat Level: green Handler on Duty: Pasquale Stirparo

SANS ISC: InfoSec Handlers Diary Blog - Wordpress 2.1.1 source backdoored InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Wordpress 2.1.1 source backdoored

Published: 2007-03-04
Last Updated: 2007-03-04 15:37:15 UTC
by Maarten Van Horenbeeck (Version: 1)
0 comment(s)

The Wordpress development team has a notification up on their blog that version 2.1.1 of Wordpress has been compromised, and code was added which allows remote code execution. This happened during a user-level compromise of one of their servers.

While not all 2.1.1 downloads have been affected, they advise that everyone running this version should upgrade to version 2.1.2 immediately. This version is fully verified and is not backdoored.

By way of mitigation, hosting providers that are not aware of the Wordpress versions running across their user base may wish to block access to theme.php and feed.php with a query string of 'ix=' or 'iz='.

More information: Wordpress.org

Keywords:
0 comment(s)
Diary Archives