[wp-trac] Re: [WordPress Trac] #7710: admin account exploit

WordPress Trac wp-trac at lists.automattic.com
Mon Sep 8 16:21:45 GMT 2008


#7710: admin account exploit
-----------------------------+----------------------------------------------
 Reporter:  jeremyclark13    |        Owner:  anonymous
     Type:  defect           |       Status:  new      
 Priority:  high             |    Milestone:  2.6.2    
Component:  Security         |      Version:  2.6.1    
 Severity:  critical         |   Resolution:           
 Keywords:  milworm exploit  |  
-----------------------------+----------------------------------------------
Comment (by g30rg3x):

 :P[[BR]]
 [[BR]]
 2.6.2 should be released ASAP (IMHO), cause it not only address that bug,
 it also address [http://www.suspekt.org/2008/08/17/mt_srand-and-not-so-
 random-numbers/ this bug] and unfortunately it was only matter of time
 before someone point out this flaws (before the release of 2.6.2) and
 releases his "exploits" to the public.

-- 
Ticket URL: <http://trac.wordpress.org/ticket/7710#comment:4>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list