On Wed, Jan 25, 2012 at 04:13:12PM +, Benji wrote:
> Yes it does.
>
> wp-admin/setup-config.php?step=1 on any wp install where it exists gives
> this:
>
> The file 'wp-config.php' already exists one level above your WordPress
> installation. If you need to reset any of the configuration items
Funny but no, this does not need a non-installed wordpress.
2012/1/25 Benji
> Dear full-disclosure
>
> I wrote to you to tell you about serious serious vulnerability in all
> Windows versions.
>
> If you turn machine on before system is configured, then you be able to
> set user password yoursel
Yes it does.
wp-admin/setup-config.php?step=1 on any wp install where it exists gives
this:
The file 'wp-config.php' already exists one level above your WordPress
installation. If you need to reset any of the configuration items in this
file, please delete it first.
On Wed, Jan 25, 2012 at 4:11
Dear full-disclosure
I wrote to you to tell you about serious serious vulnerability in all
Windows versions.
If you turn machine on before system is configured, then you be able to set
user password yourself, big gaping hole
I make big large botnet to fully utilise this impressive vulnerabil
On Wednesday 25 Jan 2012 15:22:39 Henri Salo wrote:
> There is A LOT of these open installation pages in the Internet. It is not
> uncommon to leave those open by accident. Some people also do this,
> because they just don't understand the risks. I am wondering if WordPress
> would apply patch if
On Wed, Jan 25, 2012 at 08:43:34AM -0600, Trustwave Advisories wrote:
> The vendor was notified. They have chosen not to fix the issue at this time.
> The Vendor Response section has the details:
>
> Vendor Response:
> Due to the fact that the component in question is an installation script,
> th
M
To: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] TWSL2012-002: Multiple Vulnerabilities in
WordPress
On Tue, Jan 24, 2012 at 04:09:16PM -0600, Trustwave Advisories wrote:
> Trustwave's SpiderLabs Security Advisory TWSL2012-002:
> Multiple Vulnerabilities i
On Tue, Jan 24, 2012 at 04:09:16PM -0600, Trustwave Advisories wrote:
> Trustwave's SpiderLabs Security Advisory TWSL2012-002:
> Multiple Vulnerabilities in WordPress
>
> https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt
>
> Published: 1/24/12
> Version: 1.0
>
> Vendor: WordPress
Trustwave's SpiderLabs Security Advisory TWSL2012-002:
Multiple Vulnerabilities in WordPress
https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt
Published: 1/24/12
Version: 1.0
Vendor: WordPress (http://wordpress.org/)
Product: WordPress
Version affected: 3.3.1 and prior
Product de