[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] WordPress <= 2.8.5 Unrestricted File Upload Arbitrary PHP Code Execution
- To: full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] WordPress <= 2.8.5 Unrestricted File Upload Arbitrary PHP Code Execution
- From: g30rg3_x <g30rg3x@xxxxxxxxx>
- Date: Thu, 12 Nov 2009 09:42:21 -0600
The same thing was discussed on WP-Hackers list[1] and it was found
that the problem was introduced by Option +Multiviews[2]...
And also someone point that Option +Multiviews is enabled by default
on cpanel/whm[3] based servers therefore lots of cheap (and not so
cheap) shared hosting providers introduce this behavior that could
potentially be harmful not just to wordpress but any software that
handles uploads and respect the uploaded file extensions.
Regards
[1]
http://lists.automattic.com/pipermail/wp-hackers/2009-November/thread.html#28450
[2] http://lists.automattic.com/pipermail/wp-hackers/2009-November/028466.html
[3] http://lists.automattic.com/pipermail/wp-hackers/2009-November/028482.html
_________________________
g30rg3_x
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/