Slashdot Mirror

← Back to Stories (view on slashdot.org)

PHP Blogging Apps Open to XML-RPC Exploits

Posted by Zonk on from the batten-down-the-hatches dept.

miller60 writes "A bunch of popular PHP-based blogging and content management apps are vulnerable to a security hole in the PHP libraries handling XML-RPC, which could allow a server compromise. Affected apps include Wordpress, Drupal, PostNuke, Serendipity, phpAdsNew, phpWiki and many more. The presence of the security hole in a large number of programs is among the factors leading the Internet Storm Center to warn that the environment is ripe for a major Internet security event."

8 of 166 comments (clear)

  1. Smooth. by Anonymous Coward · · Score: -1, Offtopic

    Smooth.

  2. obligatory Soviet Russia by Krankheit · · Score: -1, Offtopic

    In Soviet Russia, blogging apps connect to you.

    --
    Powered by caffeine and sugar; BSD
  3. unhealthy by isnochys · · Score: 1, Offtopic

    blogging will lead to insane children
    --
    www.isnochys.com

  4. Re:How to patch PHP/PEAR by xWastedMindx · · Score: 0, Offtopic
    or...
    apt-get update; apt-get dist-upgrade
  5. of course this has nothing to do with linux by Anonymous Coward · · Score: -1, Offtopic

    linux is still super stable secure etc etc etc.
    only if you have php on windows should you worry.

  6. W00t fMp by Anonymous Coward · · Score: -1, Offtopic

    shall we? OK! distributions to dEliver what, Usenet. In 1195, (7000+1400+700)*4 for election, I which allows Be a cock-sucking This post brought

    1. Re:W00t fMp by Anonymous Coward · · Score: -1, Offtopic

      Pumpkin!

  7. Open-source, bah! by tonyblake2003 · · Score: 0, Offtopic

    How *dare* an open-source product have bugs! This is exactly the reason that I threw my MSWin servers into the sea. Now you're expecting me to update my PHP libs? God almighty, you're all the same.