On Wed, Jan 25, 2012 at 04:13:12PM +, Benji wrote:
Yes it does.
wp-admin/setup-config.php?step=1 on any wp install where it exists gives
this:
The file 'wp-config.php' already exists one level above your WordPress
installation. If you need to reset any of the configuration items in
-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] TWSL2012-002: Multiple Vulnerabilities in
WordPress
On Tue, Jan 24, 2012 at 04:09:16PM -0600, Trustwave Advisories wrote:
Trustwave's SpiderLabs Security Advisory TWSL2012-002:
Multiple Vulnerabilities in WordPress
https
On Wed, Jan 25, 2012 at 08:43:34AM -0600, Trustwave Advisories wrote:
The vendor was notified. They have chosen not to fix the issue at this time.
The Vendor Response section has the details:
Vendor Response:
Due to the fact that the component in question is an installation script,
the
On Wednesday 25 Jan 2012 15:22:39 Henri Salo wrote:
There is A LOT of these open installation pages in the Internet. It is not
uncommon to leave those open by accident. Some people also do this,
because they just don't understand the risks. I am wondering if WordPress
would apply patch if we
Dear full-disclosure
I wrote to you to tell you about serious serious vulnerability in all
Windows versions.
If you turn machine on before system is configured, then you be able to set
user password yourself, big gaping hole
I make big large botnet to fully utilise this impressive
Yes it does.
wp-admin/setup-config.php?step=1 on any wp install where it exists gives
this:
The file 'wp-config.php' already exists one level above your WordPress
installation. If you need to reset any of the configuration items in this
file, please delete it first.
On Wed, Jan 25, 2012 at
Funny but no, this does not need a non-installed wordpress.
2012/1/25 Benji m...@b3nji.com
Dear full-disclosure
I wrote to you to tell you about serious serious vulnerability in all
Windows versions.
If you turn machine on before system is configured, then you be able to
set user password
Trustwave's SpiderLabs Security Advisory TWSL2012-002:
Multiple Vulnerabilities in WordPress
https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt
Published: 1/24/12
Version: 1.0
Vendor: WordPress (http://wordpress.org/)
Product: WordPress
Version affected: 3.3.1 and prior
Product
On Tue, Jan 24, 2012 at 04:09:16PM -0600, Trustwave Advisories wrote:
Trustwave's SpiderLabs Security Advisory TWSL2012-002:
Multiple Vulnerabilities in WordPress
https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt
Published: 1/24/12
Version: 1.0
Vendor: WordPress