April 12, 2007

Back door to WordPress Blogs

I was reading at News.com that an unknown intruder has compromised a WordPress server and added a remote control tool to downloadable versions of the widely used blogging software. The breach happened last week and was discovered on Friday, WordPress creator Matt Mullenweg wrote on the WordPress Web site.

The WordPress team learned of the compromise through an e-mail to its security e-mail address about unusual and highly exploitable code in WordPress. After an investigation, the team concluded that somebody had modified two files in the 2.1.1 release that would allow for remote execution of PHP code, Mullenweg wrote. The vulnerability could allow an attacker access to the server running the blogging software. The Web server hosting the infected WordPress software was taken down and will be forensically examined, Mullenweg said.

Not all downloads of 2.1.1 were rigged, but WordPress has released version 2.1.2, which includes minor updates and entirely verified files. The team is also taking measures to prevent a similar breach in the future.

Any WordPress users running version 2.1.1 should upgrade immediately to overwrite all old files. WordPress has additional tips for Web hosters and network administrators.