[wp-trac] [WordPress Trac] #11104: 2.8.5 Injection Exploit
WordPress Trac
wp-trac at lists.automattic.com
Sun Nov 15 22:34:46 UTC 2009
#11104: 2.8.5 Injection Exploit
--------------------------+-------------------------------------------------
Reporter: bradyk | Owner: ryan
Type: defect (bug) | Status: new
Priority: high | Milestone: Unassigned
Component: Security | Version: 2.8.5
Severity: blocker | Keywords: dev-feedback 2nd-opinion exploit, injection, hack, malware, porn
--------------------------+-------------------------------------------------
Comment(by dd32):
bradyk: Do you have ANY logs which show what has happened?
I'm strongly thinking this is a server issue. As you've seen, some people
with static php files are getting hit as well.
Have you run a local antivirus scan? There was recently an item that went
around harvesting ftp credentials from your computer and infecting our
remote sites like that.
Until some log files become available showing what is being POST'd to any
of the affected files, it's impossible to say if it's WordPress's fault or
not.
This plugin: http://www.village-idiot.org/archives/2008/04/16/postlogger-for-wordpress/
logs all POST requests. It might give us some form of
explanation of the entry point?
--
Ticket URL: <http://core.trac.wordpress.org/ticket/11104#comment:10>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
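
An added example, not part of the original message or of WordPress: one way to pull the POST requests that hit the affected files out of a web server access log while waiting for a body-level logger. It assumes the Apache/nginx "combined" log format; the log lines, IP addresses and file paths are constructed for illustration.

```python
import re
from collections import defaultdict

# Apache/nginx "combined" access-log format (assumed; adjust for a custom LogFormat).
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\d+|-)'
)

def post_requests(lines):
    """Yield (ip, timestamp, path, status) for every parseable POST request."""
    for line in lines:
        m = LINE_RE.match(line)
        if m and m.group("method") == "POST":
            # Drop the query string so the path compares against file names.
            path = m.group("target").split("?", 1)[0]
            yield m.group("ip"), m.group("ts"), path, int(m.group("status"))

def posts_to_affected(lines, affected_paths):
    """Group POSTs whose target is one of the modified files, keyed by path."""
    hits = defaultdict(list)
    for ip, ts, path, status in post_requests(lines):
        if path in affected_paths:
            hits[path].append((ts, ip, status))
    return dict(hits)

# Constructed sample lines (documentation IP ranges, made-up paths).
SAMPLE_LOG = [
    '192.0.2.10 - - [14/Nov/2009:03:12:01 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [14/Nov/2009:03:12:09 +0000] "POST /static/about.php?x=1 HTTP/1.1" 200 312 "-" "-"',
    '192.0.2.10 - - [14/Nov/2009:03:13:40 +0000] "POST /wp-comments-post.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [14/Nov/2009:03:14:02 +0000] "POST /index.php HTTP/1.1" 200 298 "-" "-"',
    'malformed line that the parser must skip',
]
# Assumption: URL paths of the files found modified on disk.
AFFECTED = {"/index.php", "/static/about.php"}

if __name__ == "__main__":
    for path, entries in sorted(posts_to_affected(SAMPLE_LOG, AFFECTED).items()):
        for ts, ip, status in entries:
            print(f"{path}\t{ts}\t{ip}\t{status}")
```

An access log records only the request line, not the POST body, so this narrows down when and from where the affected files were hit; seeing what was actually submitted still needs a request logger such as the plugin mentioned above.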