März 2007 - geschonneck.com

Assess It All, Or Lose It All

Posted onDienstag, 13. März 2007Dienstag, 13. März 2007

Security Monkey published a good case study about evidence seizure and what happens, if you forget to asses all relevant system data after a security incident occurs.

WordPress 2.1.1 with backdoor

Posted onFreitag, 2. März 2007Freitag, 2. März 20071 Comment

WordPress security warning! „If you downloaded WordPress 2.1.1 from wordpress.org within the past 3-4 days, your files may include a security exploit that was added by a cracker, and you should upgrade all of your files to 2.1.2 immediately“. Please check

SQL Injection in WordPress 2.1.1

Posted onDonnerstag, 1. März 2007Donnerstag, 1. März 20072 Comments

Upgrading to wordpress 2.1.1 was urgent, but we still have SQL injections, path disclosures and cross site scripting problems in this version! My colleague Sebastian Krause has some examples: