Daily Gadgets, Computer, and Electronics News » exploit http://www.funponsel.com/blog Daily Gadgets, Computer, and Electronics News Sun, 22 Nov 2009 16:31:53 +0000 http://wordpress.org/?v=2.8.6 en hourly 1 Wordpress v1.5.1.3 Exploit http://www.funponsel.com/blog/wordpress/wordpress-v1513-exploit.html http://www.funponsel.com/blog/wordpress/wordpress-v1513-exploit.html#comments Sun, 14 Aug 2005 10:29:02 +0000 cosa http://www.funponsel.com/blog/?p=366 WordPress LogoIf you’re using Wordpress v1.5.1.3, you should aware of the latest exploit found on this latest Wordpress version. SecuriTeam posted this exploit on August 10th, as quoted below (via LiewCF):

A vulnerability in WordPress’s handling of incoming cookie information allows remote attackers to cause the program to execute arbitrary code if the PHP settings of register_globals has been set to On.

To protect your blog, you can choose between these 2 solution:

  1. From Tamba2, edit .htaccess file that covered your blog and add the following line:
    php_flag register_globals off
  2. From Kamigoroshi, if you’re too lazy to edit the file, just download the fix here, and upload it to your blog directory. It will replace wp-settings.php file.

That’s it, you’re now immune to the remote attack caused by this exploit. It’s easy and take less than 5 minutes, so you should do it a.s.a.p before it’s too late :d

]]> http://www.funponsel.com/blog/wordpress/wordpress-v1513-exploit.html/feed 3