XML-RPC for PHP vulnerability attack attempts



Incidents.org is reporting on attacks against a recent XML-RPC vulnerability in PHP. This would affect users of PostNuke, Drupal, b2evolution, Xoops, WordPress, PHPGroupWare and TikiWiki. As far as I know there are fixes for each of these in the most recent versions of the software.



It basically acts as a network worm and AV vendors have added detection for it at this point. If you run any of the above (or any other php-based cms) look to ensure you have the most recent release running or have taken other measures to mitigate the risk.

Related Posts

Blog Traffic Exchange Related Posts
  • Viruses and worms can come in from many directions For a long time, email was the primary vector for viruses, before that floppy discs carried bugs from pc to pc. Then came network worms exploiting windows security vulnerabilities which led to the rise of firewalls and the increase in viruses piggy-backing into the system through browser bugs. But, any......
  • Time to start cleaning out sites - the internet's getting too full.... Or at least Google may be.... stories here and here. The way the Register puts it is that Google is in an arms race with blog spammers, with tools out that can create 100 blogs in 24 minutes and shops that can provide mass numbers of private label articles, they......
  • SONY DRM rootkit - the gift that keeps on giving Well... I said, more legs than a centipede for this one.... It looks as though the uninstaller from Sony is an activex control that may have some SEVERE security implications. The ActiveX invokes a command to reboot the computer (RebootMachine). (Which is likely remotely exploitable). Also it appears to use......
Blog Traffic Exchange Related Websites
  • Update Your Wordpress Ping List For More Traffic In wordpress, ping is a XML-RPC-based push mechanism by which a weblog notifies a server that its content has been updated. A XML-RPC signal is sent to one or more "ping servers," which can then generate a list of blogs that have new blog post or content. So every time......
  • Review of the Garmin Forerunner 310 XT Having a GPS enabled training device is a good thing. Having a training device offering GPS that isn't afraid to get a little wet is even better. The rugged Garmin Forerunner 310 XT is an indispensable training tool for any triathlete because it is a swim proof, GPS enabled trainer......
  • The 5 Best Faults a Property Can Have When buying a property, the ability to see potential where others only see problems could save you thousands. Assuming you don’t currently live in a world filled with castles, unicorns and butterflies, when looking to buy property there will be compromises to be made. However, if you’re after a bargain,......
Fax Online    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

One Response to “XML-RPC for PHP vulnerability attack attempts”

  1. Avery J. Parker - Web site hosting and computer service Says:


    [...] There is a linux network worm (virus) in the wild, which I’ve mentioned already in an earlier post. I did want to take a few moments to highlight this and dispell a few myths. (This is the first linux virus I recall seeing over at SARC in the last couple years….) Myth #1) linux doesn’t get viruses…. bull, this current worm is proof. Myth #2) if linux had bigger market share there would be tons of linux viruses – Maybe, but remember that much of the internet’s backbone runs on linux (all the machines at my providers webhosting company and indeed MANY others) [...]

Leave a Reply

You must be logged in to post a comment.


Switch to our mobile site