Blog Worms

Picture credit: http://securityawareness.blogspot.com
The incredible popularity of the PHP web application language has an obvious downside: if a significant vulnerability is discovered, it will take a while to patch all of the relevant systems. Netcraft reported today that just such a weakness has been discovered: the XML-RPC libraries (conventional and PEAR) allow remote execution of PHP code via a failed escapement of quotes. Popular applications such as PostNuke, WordPress and Drupal are vulnerable.

Such an exploit combined with Santy-style installation techniques (i.e., it uses Google to search for potential victims) could wreak havoc on thousands of servers.

Netcraft: PHP Blogging Apps Vulnerable to XML-RPC Exploits