PHP Blogging Apps Open to XML-RPC Exploits
miller60 writes "A bunch of popular PHP-based blogging and content management apps are vulnerable to a security hole in the PHP libraries handling XML-RPC, which could allow a server compromise. Affected apps include Wordpress, Drupal, PostNuke, Serendipity, phpAdsNew, phpWiki and many more. The presence of the security hole in a large number of programs is among the factors leading the Internet Storm Center to warn that the environment is ripe for a major Internet security event."
A blog server compromise cannot possibly lead to worse content.
"...major Internet security event."
A euphemism if I've ever heard one. Can I think of a better euphemism?
"Wardrobe malfunction"
Ah, there it is.
"Live as if you'll die tomorrow." Ridiculous. You could die later today.
The Internet Storm Center Reports that a high pressure coding flaw in PHP has created an error mass large enough to cause a rotation in sysadmin heads and has issued a red hat/flag Internet surf warning for all surfing sites.
BTW, suphp is my favorite way to check the overall status of an HP-UX system.
# suphp
Not much, runnin' some processes. 'Sup with you?
Visual IRC: Fast. Powerful. Free.