XML-RPC for PHP vulnerability attack attempts



Incidents.org is reporting on attacks against a recent XML-RPC vulnerability in PHP. This would affect users of PostNuke, Drupal, b2evolution, Xoops, WordPress, PHPGroupWare and TikiWiki. As far as I know there are fixes for each of these in the most recent versions of the software.



It basically acts as a network worm and AV vendors have added detection for it at this point. If you run any of the above (or any other php-based cms) look to ensure you have the most recent release running or have taken other measures to mitigate the risk.

Related Posts

Blog Traffic Exchange Related Posts
  • Symantec Antivirus Remotely Exploitable Vulnerability This is bad - whose defending the defender? eEye security has a bulletin announced that regards a remotely exploitable vulnerability in Symantec Antivirus 10.x and Symantec Client Security 3.x They say other versions MAY be vulnerable they're waiting for information from Symantec. Now, Symantec is probably the biggest selling antivirus......
  • Serious PHP flaw PHP which is a widely used scripting language for webpages has been found to have a serious vulnerability. The Inquirer is reporting on the announcement at hardened-php.net that the vulnerabilities are in the XML-RPC for PHP and PEAR XML-RPC libraries. This is apparently an eval() vulnerability similar to one earlier......
  • Viruses and worms can come in from many directions For a long time, email was the primary vector for viruses, before that floppy discs carried bugs from pc to pc. Then came network worms exploiting windows security vulnerabilities which led to the rise of firewalls and the increase in viruses piggy-backing into the system through browser bugs. But, any......
Blog Traffic Exchange Related Websites
  • The 5 Best Faults a Property Can Have When buying a property, the ability to see potential where others only see problems could save you thousands. Assuming you don’t currently live in a world filled with castles, unicorns and butterflies, when looking to buy property there will be compromises to be made. However, if you’re after a bargain,......
  • Update Your Wordpress Ping List For More Traffic In wordpress, ping is a XML-RPC-based push mechanism by which a weblog notifies a server that its content has been updated. A XML-RPC signal is sent to one or more "ping servers," which can then generate a list of blogs that have new blog post or content. So every time......
  • Review of the Garmin Forerunner 310 XT Having a GPS enabled training device is a good thing. Having a training device offering GPS that isn't afraid to get a little wet is even better. The rugged Garmin Forerunner 310 XT is an indispensable training tool for any triathlete because it is a swim proof, GPS enabled trainer......
Free PDF    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

One Response to “XML-RPC for PHP vulnerability attack attempts”

  1. Avery J. Parker - Web site hosting and computer service Says:


    [...] There is a linux network worm (virus) in the wild, which I’ve mentioned already in an earlier post. I did want to take a few moments to highlight this and dispell a few myths. (This is the first linux virus I recall seeing over at SARC in the last couple years….) Myth #1) linux doesn’t get viruses…. bull, this current worm is proof. Myth #2) if linux had bigger market share there would be tons of linux viruses – Maybe, but remember that much of the internet’s backbone runs on linux (all the machines at my providers webhosting company and indeed MANY others) [...]

Leave a Reply

You must be logged in to post a comment.


Switch to our mobile site