XML-RPC for PHP vulnerability attack attempts



Incidents.org is reporting on attacks against a recent XML-RPC vulnerability in PHP. This would affect users of PostNuke, Drupal, b2evolution, Xoops, WordPress, PHPGroupWare and TikiWiki. As far as I know there are fixes for each of these in the most recent versions of the software.



It basically acts as a network worm and AV vendors have added detection for it at this point. If you run any of the above (or any other php-based cms) look to ensure you have the most recent release running or have taken other measures to mitigate the risk.

Related Posts

Blog Traffic Exchange Related Posts
  • Linux network worm... There is a linux network worm (virus) in the wild, which I've mentioned already in an earlier post. I did want to take a few moments to highlight this and dispell a few myths. (This is the first linux virus I recall seeing over at SARC in the last couple......
  • SONY DRM rootkit - the gift that keeps on giving Well... I said, more legs than a centipede for this one.... It looks as though the uninstaller from Sony is an activex control that may have some SEVERE security implications. The ActiveX invokes a command to reboot the computer (RebootMachine). (Which is likely remotely exploitable). Also it appears to use......
  • Hiding malware may evade antivirus Sans had an interesting malware analysis this morning about a blob that appeared to be ascii text (gibberish) that was retrieved by a piece of malware. It turns out that the ascii text was a cleverly encoded exe file (windows executable or program file.) It took several iterations of their......
Blog Traffic Exchange Related Websites
  • The 5 Best Faults a Property Can Have When buying a property, the ability to see potential where others only see problems could save you thousands. Assuming you don’t currently live in a world filled with castles, unicorns and butterflies, when looking to buy property there will be compromises to be made. However, if you’re after a bargain,......
  • Update Your Wordpress Ping List For More Traffic In wordpress, ping is a XML-RPC-based push mechanism by which a weblog notifies a server that its content has been updated. A XML-RPC signal is sent to one or more "ping servers," which can then generate a list of blogs that have new blog post or content. So every time......
  • Review of the Garmin Forerunner 310 XT Having a GPS enabled training device is a good thing. Having a training device offering GPS that isn't afraid to get a little wet is even better. The rugged Garmin Forerunner 310 XT is an indispensable training tool for any triathlete because it is a swim proof, GPS enabled trainer......
Fax Online    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

One Response to “XML-RPC for PHP vulnerability attack attempts”

  1. Avery J. Parker - Web site hosting and computer service Says:


    [...] There is a linux network worm (virus) in the wild, which I’ve mentioned already in an earlier post. I did want to take a few moments to highlight this and dispell a few myths. (This is the first linux virus I recall seeing over at SARC in the last couple years….) Myth #1) linux doesn’t get viruses…. bull, this current worm is proof. Myth #2) if linux had bigger market share there would be tons of linux viruses – Maybe, but remember that much of the internet’s backbone runs on linux (all the machines at my providers webhosting company and indeed MANY others) [...]

Leave a Reply

You must be logged in to post a comment.


Switch to our mobile site