WordPress 2.6.2 Released Due To PHP Weakness That Might Lead To Attack
A new WordPress version, 2.6.2, was released today to mitigate a new attack vector discovered by PHP security researcher Stefan Esser. According to an advisory on the WordPress blog, Stefan Esser recently warned developers about the dangers of SQL column truncation and the weakness of mt_rand(). Blogs that allow user registration should be upgraded as soon as possible.
With open registration enabled, it is possible in WordPress versions 2.6.1 and earlier to craft a username that will allow resetting another user’s password to a randomly generated one. The randomly generated password is not disclosed to the attacker, so this problem by itself is not a real security exploit. However, this attack coupled with a weakness in the random number seeding in mt_rand() could be used to predict the randomly generated password.
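The column-truncation half of the problem, as an added illustration that is not WordPress code: an in-memory table emulates a VARCHAR column in a database running without strict mode (over-length values are silently cut) with a PAD SPACE collation (trailing blanks are ignored in comparisons), so a registration routine that checks uniqueness on the raw input but stores a truncated copy ends up with two rows that both compare equal to an existing login. The 60-character width, the function names and the sample logins are assumptions chosen for the demo; the hardened variant shows the server-side length validation that closes the gap.

```python
"""Constructed emulation of SQL column truncation defeating a uniqueness
check, beside the input validation that prevents it. The store below
stands in for a non-strict MySQL table, not for WordPress's real schema."""

USERNAME_COLUMN_WIDTH = 60  # assumed VARCHAR width for this demo


def _eq(a, b):
    # Emulates a PAD SPACE collation: trailing blanks do not count.
    return a.rstrip(" ") == b.rstrip(" ")


class NonStrictTable:
    """VARCHAR(width) column that truncates instead of rejecting."""

    def __init__(self, width):
        self.width = width
        self.rows = []  # (user_login, user_email)

    def exists(self, user_login):
        # The uniqueness query sees the full, untruncated input.
        return any(_eq(row[0], user_login) for row in self.rows)

    def insert(self, user_login, user_email):
        # Non-strict mode: value silently cut to the column width.
        self.rows.append((user_login[: self.width], user_email))


def register_vulnerable(table, user_login, user_email):
    """Checks the raw value, stores a possibly truncated one."""
    if table.exists(user_login):
        return False
    table.insert(user_login, user_email)
    return True


def register_hardened(table, user_login, user_email):
    """Only accepts a login that will be stored exactly as checked:
    within the column width and without leading/trailing blanks."""
    if len(user_login) > table.width or user_login != user_login.strip():
        return False
    if table.exists(user_login):
        return False
    table.insert(user_login, user_email)
    return True


def logins_matching(table, name):
    """Defender's audit: rows whose stored login compares equal to name."""
    return sum(1 for row in table.rows if _eq(row[0], name))
```

Running `logins_matching` against a real user table (a query comparing `user_login` to each known login, grouped by result) is the corresponding audit for rows that were created before the upgrade.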
WordPress developers said the attack is difficult to accomplish but the patch is being released because of the associated risk.