FYI...
Gumblar authors crash WordPress sites
- http://www.networkworld.com/news/200...s.html?hpg1=bn
11/04/2009 - "Webmasters who find an annoying error message on their sites may have caught a big break, thanks to a slip-up by the authors of the Gumblar botnet. Tens of thousands of Web sites, many of them small sites running the WordPress blogging software, have been broken, returning a "fatal error" message in recent weeks. According to security experts those messages are actually generated by some buggy malicious code sneaked onto them by Gumblar's authors... Gumblar's authors apparently made some changes to their Web code... and as a result "the current version of Gumbar effectively breaks WordPress blogs"*... WordPress sites that have crashed because of the buggy code display the following error message: Fatal error: Cannot redeclare xfm() (previously declared in /path/to/site/index.php(1) : eval()'d code:1)
in /path/to/site/wp-config.php(1) : eval()'d code on line 1
Other sites running software such as Joomla get different fatal-error messages... In effect, the messages warn Gumblar's victims that they've been compromised..."
* http://blog.unmaskparasites.com/2009...lex-php-sites/
04 Nov 09
WordPress Exploit Scanner
- http://wordpress.org/extend/plugins/exploit-scanner/
• Version: 0.6
• Last Updated: 2009-11-4
• Requires WordPress Version: 2.7.1 or higher
• Compatible up to: 2.8.5