[wp-hackers] Exploit again!
Dougal Campbell
dougal at gunters.org
Wed Aug 17 16:35:48 GMT 2005
Podz wrote:
> "Just as little warning to all those now installing 1.5.2
>
> WordPress 1.5.2 does not fix the remote code execution vulnerability. It
> just renders the published exploit useless.
>
> After inserting 10 magic characters into the exploit it will still work
> against 1.5.2 "
Nope. There *was* a still-vulnerable version online for a *very* short
time frame, but it was corrected before any announcements were made.
The WP 1.5.2 archive currently available (which has been up since before
the official announcement was made on the dev blog) does *not* contain
the vulnerability.
--
Dougal Campbell <dougal at gunters.org>
http://dougal.gunters.org/
More information about the wp-hackers
mailing list