Tag Archive | "mt_rand"
WordPress 2.6.2
Yesterday, WordPress 2.6.2 was released to address the SQL Column Truncation and mt_rand() vulnerabilities. This release also includes a few other minor bug fixes. (Details of other bug fixes can be found here) Here's an excerpt from the WordPress blog to give you an idea on how the vulnerabilities can be used to attack blogs with open user registration. With open registration enabled, it is possible in WordPress versions 2.6.1 and earlier to craft a username such that it will allow resetting another user’s password to a randomly generated password. The randomly generated password is not disclosed to the attacker, so this problem by itself is annoying but not a security exploit. However, this attack coupled with a weakness in the random number seeding in mt_rand() could be used to predict the randomly generated password.
Continue reading...
- ThemeFuse Premium WordPress Themes Giveaway
- MediaLoot Elite Membership Giveaway
- WPMU DEV Premium Elite Membership Giveaway
- Facebook Updates You Should Know About
- New & Improved Facebook “Like” Button WordPress Plugin
- How Do You Like Internet Explorer 9?
- Vonage Adds Unlimited Calling to the Philippines
- Internet Speed and Costs Around The World [Infographic]
- HowTo: Disable Facebook Photo Theater
- Yahoo Officially Discontinues MyBlogLog on May 24th
- WordPress for Android Now Available for Nook Color/Tablet & Kindle Fire
- Google Panda Simplified [Infographic]
- Weekend Roundup #145
- How Do You Like Gmail’s New Look?
- GarageBand for iPhone and iPod Touch
- WordPress for iOS 2.9.1 Now Available
- ThemeFuse Halloween Promo – 75% OFF
- Weekend Roundup #144
- Belated Happy 20th Birthday, Linux!
- Google Shutting Down Slide Social Apps
- Theo Parmer: taco truck texture template plz? and Dragon nissan...
- max: Can you please send me the purple taco bell truck....
- Marc Womack: This is old thread, but came across it via search ...
- Mbox: Thnx alot not really sure what i jus did but it se...
- keii-ran: people.... diba tabsing is tide? got it from trans...
- elmot: Great to have you back bro! Everyone's been puzzl...
- dimaks: Welcome back Jaypee! Hope you had a nice break. Su...
- GavelMawkish: I was facing the same problem, updating the system...
- Anon: I wish this told me how to "Disable" unity, and no...
- Joshhredd: Me too. I can not check the box....
Advertisements
Featured Links
- GoDaddy Coupon Codes
- WP Webhost Discount Coupon Code
- FREE Google Adwords Coupons
- Free Video Editing Software
- Free Audio Editing Software
- Free Antivirus Software
- Free CD/DVD Burning Software
- Free Defragmentation Software
- Free Tax Software
- Free Text Editors
- HowTo: Recover WordPress Password
- HowTo: Move From Blogger to WordPress
- HowTo: Secure Your WiFi Router
- HowTo: Prevent Hotlinking
- HowTo: Rip DVDs with VLC Media Player
- HowTo: Bypass Megavideo Time Limit
- HowTo: Block Online Surveys
- HowTo: Create a Bootable USB Drive
- Coupon Code
- Best WordPress Hosting
- Website Builder
Top Commentators
- dimaks (1)
- elmot (1)
- keii-ran (1)
- Mbox (1)
- Marc Womack (1)
- max (1)
- Theo Parmer (1)
Follow This Blog
Powered By:
© 2010 JaypeeOnline · Advertise · Contact · Sitemap · Privacy Policy · Disclosure Policy · Top
Powered by 
Tuesday, September 9, 2008
4 Comments