security bug in xml-rpc

Written by jlgaddis on July 4, 2005 – 5:42 pm -

If you haven’t yet heard, there’s a bug in the XML-RPC function that basically allows a remote attacker to execute PHP code. WordPress, the software that runs this website, is one of a host of applications that make use of XML-RPC and is vulnerable to this bug. This website was updated awhile ago, after the June 29th announcement at wordpress.org.

Look for a worm to start exploiting this in the near future.

Share and Enjoy:
  • StumbleUpon
  • Digg
  • Reddit
  • Facebook
  • del.icio.us
  • Twitter

Tags: , | No Comments »

Leave a Comment