Full Disclosure: Re: Wordpress Remote Exploit

Re: Wordpress Remote Exploit - W3 Total Cache

From: Kurt Seifried <kseifried () redhat com>
Date: Thu, 27 Dec 2012 10:50:25 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 12/24/2012 03:56 AM, Jason A. Donenfeld wrote:

On Mon, Dec 24, 2012 at 7:39 AM, Jason A. Donenfeld
<Jason () zx2c4 com> wrote:

realizing. I'm copying the author on this email, as he may want
to include a warning message where nieve folks like myself can
see it, or document these somewhere if they're not already, or at
least apply the two .htaccess tweaks mentioned above.


I thought it might be worth amending to the list that I've just had
a long phone conversation with the author of the vulnerable code,
and we discussed several different solutions to solving the
likelihood of a user's misconfiguration as well as mitigating the
potential damage that could be caused by it. The author said he
intends to release a fix soon.


Does this need a CVE identifier? If so please see
http://people.redhat.com/kseifrie/CVE-OpenSource-Request-HOWTO.html

and send the request to oss-security () lists openwall com so there is a
public record of it and I will assign a CVE(s) as appropriate. Thank you.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBAgAGBQJQ3IphAAoJEBYNRVNeJnmTqhwP/j7EwgwzPfe1lTEZ9gVMGOID
IT2YLBXmyXefrsCLqPh61oI84G0tQHK00zodkPZ0uXPEhoRdPEFo1OcrlFmtzVGb
jat0B3JUn5GH+7GaC9oFetWQJPu6gaW2Jo3kspIUQSQtCYCzBbkTjXk1fDJil7Xx
WwHMABoy1QPMc+XMPoiXAQ/sdhIoddJgKCy+InEI2sPgIxkSjYT77lfKBh5DQpj6
afdxLkGO8azCeHDdAQ3GgkivVXPgxy6jhhK/bvudf5qhXUchb+AkUjhrjYafkCB+
Df8pqkU9qkOUG75Rcp9ocL7AUiw9A3Dc2L4ZE/Z2Wsp9kZ4EMaBZL5+OcwIzWBvW
EnCupoeo7WtjYXskGSRKplXuwtSsJc8XcKnqw60YP1tuQLXa1NJlhY6btYsOkKe6
J4V5E3scKMBns9pLEQJUI+I7kf+nJl+5sL3Ci1bGAZGTHY3i26RZWFbWWp9ywxUI
jNImJEKbHgvhKsfNneE+Yryiy+aSHMNUlomRM6Np6wsS6SpJJsCxp94h5Y+/pcFo
C7+N1c9JqZbum64zqfCTxjX/smgcwZHF882f+H/9O7MOVV5vk0vBo0yfYwU8L8fS
EwKkj5ZUrmoRh/oh+6ravkI2R3/0eijza4WXiBeaJJLsBHPmTMOu/hOU71WTTBzz
mezA8ZLisITzfhCevOJl
=831H
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

Wordpress Remote Exploit - W3 Total Cache Jason A. Donenfeld (Dec 24)
- Re: Wordpress Remote Exploit - W3 Total Cache Jason A. Donenfeld (Dec 24)
  - Re: Wordpress Remote Exploit - W3 Total Cache Frederick Townes (Dec 28)
  - Re: Wordpress Remote Exploit - W3 Total Cache Kurt Seifried (Dec 28)
- Re: Wordpress Remote Exploit - W3 Total Cache Jason A. Donenfeld (Dec 24)
  - Re: Wordpress Remote Exploit - W3 Total Cache Grandma Eubanks (Dec 24)