Archive

Posts Tagged ‘Security Bypass Vulnerability’

WordPress ‘wp-admin/admin.php’ Module Configuration Security Bypass Vulnerability

July 20th, 2009 4 comments

Sore-sore iseng OL irc di chan #bagelen, tiba-tiba bot saya ngasih informasi ke channel kalau ada bug di engine wordpress.

<@tkj> 0,3 ::4[1Vuln: WordPress ‘wp-admin/admin.php’ Module Configuration Security Bypass Vulnerability4]0 WordPress ‘wp-admin/admin.php’ Module Configuration Security Bypass Vulnerability 4[1http://www.securityfocus.com/bid/355844]0 ::

Langsung aja menuju TKP 😀 lihat di situs securityfocus. Ah… ternyata benar. Langsung deh upgrade ke wordpress yang terbaru. Berikut informasi bug wordpress :

Diskusi

WordPress is prone to a security-bypass vulnerability.

Authenticated attackers may exploit this issue to gain access to configuration scripts, which may allow them to obtain sensitive information or elevate privileges; other attacks may also be possible.

Versions prior to the following are vulnerable:

WordPress 2.8.1
WordPress MU 2.8.1

Read more…

Bad Behavior has blocked 1475 access attempts in the last 7 days.