WordPress 2.6.2 Released Due To PHP Weakness That Might Lead To Attack

September 8th, 2008

WordPress 2.6.2 Released Due To PHP Weakness That Might Lead To Attack

New WordPress version, 2.6.2, was released today to mitigate a new attack vector discovered by PHP security researcher Stefan Esser. According to an advisory from WordPress blog, Stefan Esser recently warned developers of the dangers of SQL Column Truncation and the weakness of mt_rand(). Blogs that allow users registration should be upgraded as soon as possible.

With open registration enabled, it is possible in WordPress versions 2.6.1 and earlier to craft a username that will allow resetting another user’s password to a randomly generated one. The randomly generated password is not disclosed to the attacker, so this problem by itself is not a real security exploit. However, this attack coupled with a weakness in the random number seeding in mt_rand() could be used to predict the randomly generated password.

WordPress developers said the attack is difficult to accomplish but the patch is being released because of the associated risk.

Share this item with others:

More on CyberInsecure:

WordPress Multiple SQL Injection Vulnerabilities

WordPress 2.8.3 Remote Admin Password Reset Vulnerability

WordPress Parameter Directory Traversal Vulnerability

XSS Flaw Fixed In Latest WordPress 2.6.5

Significant Number Of WordPress Websites Compromised, IFrame Used For Affiliate Scheme

Posted in Software, Vulnerabilities |

Print This Post

This entry was posted on Monday, September 8th, 2008 at 8:24 pm and is filed under Software, Vulnerabilities. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.