WordPress Sites Need To Upgrade, The Rest Of Us Need To Watch This Too.
(Vulnerabilities)
NIST.org
Thursday 01 May 2008 - 05:09:19
A major security vulnerability has been discovered in the popular WordPress blogging software. The vulnerability may allow an attacker to bypass security restrictions. Bypassing those restrictions would let someone post malicious code that could attack visitors to that site.
When the “backend” server application is vulnerable it makes everyone more vulnerable. WordPress is one of the most popular blogging applications on the Internet. Its rich features and vast number of available plugins allow it to be used as a poor-man's Content Management System (CMS).
WordPress is open source, which allows anyone to modify the code or build plugins to meet their requirements. Being “Open Source” is usually a good thing. But when a security fix comes out for an Open Source server application, the bad guy only has to compare the old code with the new code to figure out where the problem lies. From there it is usually not too hard to figure out how to exploit it. Now that WordPress has released their security fix, anyone with a little PHP talent can figure out what was fixed and thus what was vulnerable.
WordPress is used on hundreds of thousands of sites. Many popular sites use it, including some anti-hacker security sites (lucky for us we use something else). The vulnerability allows someone to bypass the security restrictions and thus presumably elevate their rights to the equivalent of the site administrator. This would allow them to post their own code that could be used for such things as capturing visitors' login passwords or posting malicious “drive-by” executables (which would require taking advantage of vulnerabilities on the visitor's computer) that could install spyware or other malicious programs (the sky is the limit at that point).
Again, when the server side is vulnerable we're all more vulnerable. If you run a WordPress site you should upgrade as soon as possible to WordPress 2.5.1.
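For administrators with more than one site, the upgrade advice above can be turned into an inventory check. The following is an added example, not code from the article or from WordPress: it walks a web root, reads the release string WordPress keeps in `wp-includes/version.php`, and flags installs older than 2.5.1. The function names and the sample directory layout are constructed for illustration.

```python
import os
import re
import tempfile

FIXED = (2, 5, 1)  # the release the article says to upgrade to
# WordPress records its release in wp-includes/version.php as $wp_version = '...';
VERSION_RE = re.compile(r"""\$wp_version\s*=\s*['"](\d+(?:\.\d+)*)""")


def parse_version(text):
    """Return the release as a 3-tuple such as (2, 5, 0), or None if unreadable."""
    m = VERSION_RE.search(text)
    if not m:
        return None
    # Any suffix such as '-beta1' is ignored; '2.5' is padded to (2, 5, 0).
    parts = [int(p) for p in m.group(1).split(".")][:3]
    return tuple(parts + [0] * (3 - len(parts)))


def audit(root):
    """Walk root and return (site, version, status) for each WordPress install."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        if os.path.basename(dirpath) != "wp-includes" or "version.php" not in files:
            continue
        path = os.path.join(dirpath, "version.php")
        with open(path, encoding="utf-8", errors="replace") as fh:
            version = parse_version(fh.read())
        if version is None:
            status = "unknown"  # version not readable: inspect by hand
        else:
            status = "upgrade" if version < FIXED else "ok"
        site = os.path.relpath(os.path.dirname(dirpath), root)
        findings.append((site, version, status))
    return sorted(findings)


def demo():
    """Audit a constructed web root holding three sample installs."""
    samples = {"blog-a": "2.3.3", "blog-b": "2.5", "blog-c": "2.5.1"}
    with tempfile.TemporaryDirectory() as root:
        for name, ver in samples.items():
            inc = os.path.join(root, name, "wp-includes")
            os.makedirs(inc)
            with open(os.path.join(inc, "version.php"), "w") as fh:
                fh.write("<?php\n$wp_version = '%s';\n" % ver)
        return audit(root)


if __name__ == "__main__":
    for site, version, status in demo():
        print(site, version, status)
```

Point `audit()` at the real document root to list every install found there; an "unknown" result means the version file could not be parsed and the install should be checked by hand.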
NIST IT Security
( http://www.nist.org/comment.php?comment.news.258 )