DTP


 
Lively discussions on the graphic arts and publishing — in print or on the web


Go Back   Desktop Publishing Forum > General Discussions > Web Site Building & Maintenance

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
Old 06-18-2009, 12:30 PM   #1
ktinkel
Founding Sysop
 
ktinkel's Avatar
 
Join Date: Oct 2004
Location: In Connecticut, on the Housatonic River near its mouth at Long Island Sound.
Posts: 11,189
Default WordPress 2.8 released

I had a WordPress adventure yesterday. Decided to update a WP 2.7.1 site to 2.8, and when I went to check the config.php file, found two odd directories with nasty PHP files in them (one was just above that file in the list, which is why I noticed it).

I asked a security maven to look at one of them and he said the file can create “randomly named subdirectories, creates PHP files in them with the content passed in through forms, so they can contain anything, and can delete all traces of them on command.”

Yikes! Word to the wise: Update whenever a new version is released. The process has been made much easier recently, and it appears we really do need the protection!

   
__________________
[SIZE=2][COLOR=LemonChiffon]::[/COLOR][/SIZE]
[SIGPIC][/SIGPIC]
ktinkel is offline   Reply With Quote
 

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
WordPress 2.6 released early ktinkel Web Site Building & Maintenance 4 07-31-2008 12:40 PM
WordPress 2.2.1 available ktinkel Web Site Building & Maintenance 20 06-23-2007 10:58 PM
Wordpress 2.1.3 released Kelvyn General Publishing Topics 0 04-03-2007 01:00 AM
WordPress 2.1 released Kelvyn Web Site Building & Maintenance 4 01-27-2007 10:20 AM
WordPress - getting my feet wet ktinkel Web Design 45 12-13-2006 10:25 AM


All times are GMT -8. The time now is 10:25 PM.


Powered by vBulletin® Version 3.8.9
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Contents copyright 2004–2014 Desktop Publishing Forum and its members.