Re: [wp-hackers] XML-RPC Exploit?

Home	Messages Index

[Date Prev]	[Date Next]	[Thread Prev]	[Thread Next]

Author Index	Date Index	Thread Index

Re: [wp-hackers] XML-RPC Exploit?

To: wp-hackers@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [wp-hackers] XML-RPC Exploit?
From: Roy Schestowitz <r@xxxxxxxxxxxxxxx>
Date: Tue, 05 Jul 2005 06:27:38 +0100
Delivery-date: Tue, 05 Jul 2005 06:27:44 +0100
Envelope-to: r@schestowitz.com
In-reply-to: <42C9FB3B.7050901@skippy.net>
References: <20050705020603.salgkm6ywwg8w8kw@banana.catalyst2.com> <1120526144.3844.85.camel@portnoy.fuzzybelly.org> <42C9FB3B.7050901@skippy.net>
User-agent: Internet Messaging Program (IMP) H3 (4.0)

Quoting Scott Merrill:

Ryan Boren wrote:

On Tue, 2005-07-05 at 02:06 +0100, Roy Schestowitz wrote:
http://it.slashdot.org/article.pl?sid=05/07/04/2153224&tid=95&tid=172&tid=169
Can anybody please comment on the relevance of WordPress? Bearing in mind that the flaw may have been addressed already, it is still mentioned among applications that are susceptible to an XML-RPC exploit.
Not relevant to WP.  We don't use the php libraries.  Ours is a
different but similar XMLRPC exploit.  There was ours, the php one, and
the PEAR one all at the same time.  Ours was unique to us whereas the
php and PEAR ones affected lots of projects.


It might be worth throwing this onto the Devblog, so that "our people"
get the right news from us, instead of the Slashdot crowd.

I have just peeked at that Slashdot item again and ran a quick search. At least 3 commenters stated clearly that WordPress had released a fix.

Roy

--
Roy S. Schestowitz
http://Schestowitz.com

Follow-Ups:
- Re: [wp-hackers] XML-RPC Exploit?
  - From: Scott Merrill

References:
- XML-RPC Exploit?
  - From: Roy Schestowitz
- Re: [wp-hackers] XML-RPC Exploit?
  - From: Ryan Boren

[Date Prev]	[Date Next]	[Thread Prev]	[Thread Next]

Author Index	Date Index	Thread Index