[wp-hackers] XML-RPC Exploit?

Scott Merrill skippy at skippy.net
Tue Jul 5 03:15:07 GMT 2005


Ryan Boren wrote:
> On Tue, 2005-07-05 at 02:06 +0100, Roy Schestowitz wrote:
> 
>>http://it.slashdot.org/article.pl?sid=05/07/04/2153224&tid=95&tid=172&tid=169
>>
>>Can anybody please comment on the relevance of WordPress? Bearing in mind that
>>the  flaw may have been address already, it is still mentioned among
>>applications that are susceptible to an XML-RPC exploit.
> 
> 
> Not relevant to WP.  We don't use the php libraries.  Ours is a
> different but similar XMLRPC exploit.  There was ours, the php one, and
> the PEAR one all at the same time.  Ours was unique to us whereas the
> php and PEAR ones affected lots of projects.

It might be worth throwing this onto the Devblog, so that "our people" 
get the right news from us, instead of the Slashdot crowd.

-- 
skippy at skippy.net | http://skippy.net/

gpg --keyserver pgp.mit.edu --recv-keys 9CFA4B35
506C F8BB 17AE 8A05 0B49  3544 476A 7DEC 9CFA 4B35


More information about the wp-hackers mailing list