[wp-trac] Re: [WordPress Trac] #4627: Link manager exploit?
WordPress Trac
wp-trac at lists.automattic.com
Fri Jul 20 16:38:20 GMT 2007
#4627: Link manager exploit?
----------------------+-----------------------------------------------------
Reporter: cbdilger | Owner: anonymous
Type: defect | Status: new
Priority: normal | Milestone: 2.4 (future)
Component: Security | Version: 2.2
Severity: normal | Resolution:
Keywords: |
----------------------+-----------------------------------------------------
Comment (by cbdilger):
Replying to [comment:1 JeremyVisser]:
> Can you {{{grep}}} your access logs for {{{link-add.php}}}? Might reveal
something.
Only three instances::
access.log.2007-07-06.gz:87.126.31.177 - - [06/Jul/2007:05:24:49 -0700]
"GET /cbd/wp-admin/link-add.php HTTP/1.0" 200 12447 "-" "Opera/9.01
(Windows NT 5.0; U; en)"
access.log.2007-07-12.gz:87.126.31.177 - - [12/Jul/2007:06:56:22 -0700]
"GET /cbd/wp-admin/link-add.php HTTP/1.0" 200 12447 "-" "Opera/9.01
(Windows NT 5.0; U; en)"
access.log.2007-07-12.gz:87.126.31.177 - - [12/Jul/2007:06:56:24 -0700]
"POST /cbd/wp-admin/link.php HTTP/1.0" 200 0 "http://wrecking.org/cbd/wp-
admin/link-add.php" "Opera/9.01 (Windows NT 5.0; U; en)"
> Oh, and upgrade to 2.2.1. 2.2 has known security flaws.
Will do.
--
Ticket URL: <http://trac.wordpress.org/ticket/4627#comment:3>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list