[wp-hackers] XML-RPC Exploit?
Roy Schestowitz
r at schestowitz.com
Tue Jul 5 05:27:38 GMT 2005
Quoting Scott Merrill:
> Ryan Boren wrote:
>> On Tue, 2005-07-05 at 02:06 +0100, Roy Schestowitz wrote:
>>
>>> http://it.slashdot.org/article.pl?sid=05/07/04/2153224&tid=95&tid=172&tid=169
>>>
>>> Can anybody please comment on the relevance of WordPress? Bearing
>>> in mind that
>>> the flaw may have been addressed already, it is still mentioned among
>>> applications that are susceptible to an XML-RPC exploit.
>>
>>
>> Not relevant to WP. We don't use the php libraries. Ours is a
>> different but similar XMLRPC exploit. There was ours, the php one, and
>> the PEAR one all at the same time. Ours was unique to us whereas the
>> php and PEAR ones affected lots of projects.
>
> It might be worth throwing this onto the Devblog, so that "our people"
> get the right news from us, instead of the Slashdot crowd.
I have just peeked at that Slashdot item again and ran a quick search.
At least
3 commenters stated clearly that WordPress had released a fix.
Roy
--
Roy S. Schestowitz
http://Schestowitz.com
More information about the wp-hackers
mailing list