WordPress XSS

An input validation flaw in WordPress has me wondering about switching platforms. It’s not the flaw itself, but the lack of notification that’s getting me.

The variable handling XSS vulnerability was reported over the weekend.

PHP_SELF variable is not properly sanitized before output and it can be used to conduct an XSS attack over WordPress's CSRF protection.

[…]

A successful attack would require that the logged-in user has write capabilities over theme files; also, the attacker must know the current theme of the target site.
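As an added illustration (not the advisory's proof of concept and not WordPress's own code), here is the shape of the bug the advisory describes: a script path taken from `$_SERVER['PHP_SELF']`, which carries any client-supplied PATH_INFO, written into an HTML attribute without encoding, shown beside the encoded version and a small check that the attribute stays intact. Function names and the sample path are assumptions.

```php
<?php
// Added example (not WordPress code, not the advisory's PoC): why echoing
// PHP_SELF unescaped is an XSS sink, and the output-encoding fix.
// Function names and the sample path are constructed for illustration.

// Vulnerable pattern: $_SERVER['PHP_SELF'] carries any PATH_INFO the client
// appended after the script name, so part of it is request-controlled, yet
// here it is written straight into an HTML attribute.
function form_action_vulnerable(string $phpSelf): string
{
    return '<form method="post" action="' . $phpSelf . '">';
}

// Hardened pattern: encode for the attribute context before output.
// ENT_QUOTES also encodes the double quote, which is what closes the attribute.
function form_action_safe(string $phpSelf): string
{
    $encoded = htmlspecialchars($phpSelf, ENT_QUOTES, 'UTF-8');
    return '<form method="post" action="' . $encoded . '">';
}

// Stronger still: use a fixed script path and never reflect PHP_SELF at all.
function form_action_fixed(string $scriptPath): string
{
    return '<form method="post" action="' . htmlspecialchars($scriptPath, ENT_QUOTES, 'UTF-8') . '">';
}

// Defender's check: does the rendered tag still hold exactly one quoted
// action value with no stray quote or angle bracket inside it?
function action_attribute_intact(string $html): bool
{
    return preg_match('/^<form method="post" action="[^"<>]*">$/', $html) === 1;
}

// Constructed sample request path: a placeholder script name with PATH_INFO
// that tries to break out of the attribute (harmless markup, no script).
$sample = '/wp-admin/placeholder.php/"><i>x';

foreach (['vulnerable' => form_action_vulnerable($sample),
          'safe'       => form_action_safe($sample),
          'fixed'      => form_action_fixed('/wp-admin/placeholder.php')] as $label => $html) {
    printf("%-10s intact=%s  %s\n", $label, action_attribute_intact($html) ? 'yes' : 'no', $html);
}
```

Run it with `php example.php`; the raw pattern is also worth searching for (`PHP_SELF`) in any theme or plugin code you maintain, since the fix is the same whichever page reflects it.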

Here’s the supposed timeline:

03/08/2007 – Bug found
03/15/2007 – Vendor contact
03/16/2007 – WordPress 2.0.10-RC2 and 2.1.3-RC2 releases

But if you look at the current upgrade page, there’s no mention of the flaw or release candidates.

The latest version, WordPress Version 2.1.2 (http://wordpress.org/development/2007/03/upgrade-212/), was released to the public on March 2, 2007.

I can certainly understand if they are hesitant to pre-announce a stable build, but a little acknowledgment/warning of the problem would be nice for those of us who would like to see an authoritative response rather than just the chatter.

UPDATE (20 Mar 2007): The attack discussion thread continues and some clever ducky has just posted a fine XSS exploit. I tested it a minute ago and it definitely works on the stable release. I still do not see any alert on the official WordPress site. Hello? Hello?

Critical vulnerabilities on Cisco, Sun, Apple

I had this scheduled for later today, but the severity is high enough I thought I should just go ahead and let it post.

  • Mac OS X arbitrary code execution details and patches (Security Update 2007-003) are available here.
  • Sun Solaris 10’s alert on code execution due to Adobe Reader can be found here.

    Multiple security vulnerabilities in the Adobe Reader may allow remote unprivileged users to execute arbitrary code. This includes a cross-site scripting (XSS) vulnerability that may allow a remote unprivileged user to inject arbitrary JavaScript into a browser session.

  • And Cisco has just updated their critical warning on certain switches.

    Cisco Catalyst 6000, 6500 series and Cisco 7600 series that have a Network Analysis Module installed are vulnerable to an attack, which could allow an attacker to gain complete control of the system. Only Cisco Catalyst systems that have a NAM on them are affected.

All that in addition to Microsoft’s cleverly disguised security patch for March.

Busy days with long hours…or as Wong Phui Nam once wrote:

against the margin of encroaching sleep
where I anticipate only, a waking
to vague remembrance of a harrowing in my dream.

Don’t forget the proposed laws of vulnerabilities including that “80% of exploits are available within the first half-life period of critical vulnerabilities” (19 days external, 48 days internal).

Eight Bells of Homer

A Whistler etching caught my eye the other day. It was sitting perched in a store window and after a moment I went inside to get a closer look. A simple, small and beautiful work, it showed the talent in Whistler’s hand for subtle and small details as well as his awkward disinterest or dabbling in the foreground.

[image: whistler-billingsgate]

Then the gallery directed me towards some other etchings, as well as the odd Ernst “Sign for a School for Pirates”, and I wandered a bit until I noticed an original and giant Winslow Homer etching titled “Eight Bells”.

Wow.

I could go on about the history of this work, and how hard it must have been to transfer to an etching, but it’s well documented on the web already. I just wanted to say I was completely blown away by the amazing detail he managed to capture in the water and clouds, and that I was really surprised to see how he supposedly hid the image of his father in a small section. Can you find it?

The effect in this work is so dramatic, steganography or not, it really has to be seen in person to be believed.

[image: 8bells-painting]

[image: 8bells-etching]

I’ll follow you into the dark

by Ben Gibbard of Death Cab for Cutie (mov)

Love of mine
Some day you will die
But I’ll be close behind
I’ll follow you into the dark

No blinding light
Or tunnels to gates of white
Just our hands clasped so tight
Waiting for the hint of a spark

If heaven and hell decide
That they both are satisfied
Illuminate the no’s on their vacancy signs

If there’s no one beside you
When your soul embarks
Then I’ll follow you into the dark

In Catholic school
As vicious as Roman rule
I got my knuckles bruised
By a lady in black

And I held my tongue
As she told me, “Son,
Fear is the heart of love”
So I never went back

If heaven and hell decide
That they both are satisfied
Illuminate the no’s on their vacancy signs

If there’s no one beside you
When your soul embarks
Then I’ll follow you into the dark

You and me
Have seen everything to see
From Bangkok to Calgary
And the soles of your shoes, are all worn down

The time for sleep is now
It’s nothing to cry about
Cause we’ll hold each other soon
In the blackest of rooms…

If heaven and hell decide
That they both are satisfied
Illuminate the no’s on their vacancy signs

If there’s no one beside you
When your soul embarks
Then I’ll follow you into the dark
Then I’ll follow you into the dark

Is that a preference for purgatory?