XML-RPC for PHP vulnerability attack attempts

Written by

Computers, General Web/Tech, Security, Viruses

Incidents.org is reporting on attacks against a recent XML-RPC vulnerability in PHP. This would affect users of PostNuke, Drupal, b2evolution, Xoops, WordPress, PHPGroupWare and TikiWiki. As far as I know there are fixes for each of these in the most recent versions of the software.

It basically acts as a network worm and AV vendors have added detection for it at this point. If you run any of the above (or any other php-based cms) look to ensure you have the most recent release running or have taken other measures to mitigate the risk.

AV PHP

Comments

One response to “XML-RPC for PHP vulnerability attack attempts”

November 7, 2005

Avery J. Parker – Web site hosting and computer service

[…] There is a linux network worm (virus) in the wild, which I’ve mentioned already in an earlier post. I did want to take a few moments to highlight this and dispell a few myths. (This is the first linux virus I recall seeing over at SARC in the last couple years….) Myth #1) linux doesn’t get viruses…. bull, this current worm is proof. Myth #2) if linux had bigger market share there would be tons of linux viruses – Maybe, but remember that much of the internet’s backbone runs on linux (all the machines at my providers webhosting company and indeed MANY others) […]

You must be logged in to post a comment.

XML-RPC for PHP vulnerability attack attempts

Comments

One response to “XML-RPC for PHP vulnerability attack attempts”

Leave a Reply

More posts

Well hello there….

Maybe it’s time for a cleanup here…

Diversified Tech Solutions

Website Spokesperson