WordPress, PHP Apps, Subject to Ghost glibc AttacksJan 30, 2015, 07:00 (0 Talkback[s])
(Other stories by Michael Mimoso)
"Less than 48 hours after the disclosure of the Ghost vulnerability in the GNU C library (glibc), researchers have uncovered that PHP applications, including the WordPress content management system, could be another weak spot and eventually in the crosshairs of attackers.
Ghost is a vulnerability in glibc that attackers can use against only a handful of applications right now to remotely run executable code and gain control of a Linux server. The vulnerability is a heap-based buffer overflow and affects all Linux systems, according to experts, and has been present in the glibc code since 2000. ???An example of where this could be a big issue is within WordPress itself: it uses a function named wp_http_validate_url() to validate every pingback???s post URL,??? wrote Sucuri research Marc-Alexandre Montpas in an advisory published Wednesday. ???And it does so by using gethostbyname(). So an attacker could leverage this vector to insert a malicious URL that would trigger a buffer overflow bug, server-side, potentially allowing him to gain privileges on the server.???"