Malicious Website / Malicious Code: XML-RPC for PHP Worm

Websense® Security Labs™ is monitoring the spreading of a new worm which targets web servers running vulnerable versions of XML-RPC for PHP. Once the worm infects a web server, it opens a backdoor to the compromised server and begins scanning for additional servers to infect. Versions of XML-RPC for PHP prior to 1.1.1 are vulnerable. XML-RPC for PHP is used in many third-party products, including:

* AWStats
* PHPGroupWare
* phpMyFAQ
* PostNuke
* PHPWiki
* TikiWiki
* WordPress Websense® - Security Labs Alert: XML-RPC for PHP Worm

Linked by shanmuga Monday, 7th November 2005 9:52PM