Blake Ross hacked by Blackhat SEO Spammer, blakeross.com is running WordPress 2.0.4 on Apache 1.3.39; its like waiting to be hacked.
Digg it → Co-Founder of Mozilla Project WordPress Blog’s Hacked
Note: There is known directory transversal exploit for WordPress 2.0.4 #4226
How to fix wordpress.net.in Goro Spam
WordPress 2.0.5 Changelog
Apache 1.3 Vulnerability
The server where the backup’s log of the last three days are situated is badly set. The access for all directory by server is free, include “utils” directory that contains one script file called “update.sh” inside of which are situated the user and password to enter and download the database log from ip2location.com ~ excerpt from Giani Amoto
There is workaround for statcounter update.sh ip2location informations leak
check out this posts at kakkoi → Statcounter Update.sh Vulnerability Fixes
add the following htaccess code in statcounter /utils/ directory.
#deny access to any file with *.sh filetypes
<Files ~ "^\.sh">
Deny from all
#Deny request for *.log & comment files
<Files ~ "^.*\.([Ll][Oo][Gg]|[cC][oO][mM][mM][eE][nN][tT])">
Deny from all
wordpress.net.in remote spam injection, Matt’s heaton unaware that he uploaded the backdoor himself. Check his wordpress footer.
Full cache on google will not show the spam link (cloaking) used text-only cache.
As of this time of writing he’s still using WordPress 2.0.
While you are on mattheaton.com footer check out the “Comment (RSS)” links. The “RSS” part is misleading. its redirect to http://cwings.ulmb.com/alexa.php?c=bluehost.com instead of the Comments Feeds. go figure
What this got to do with Mick jagger?
lol i knew u asked that, read it all at kakkoi.
A serious vulnerability in Mozilla Firefox has been addressed in release 188.8.131.52 which is now posted to the Firefox web site. The exploit involved an issue in Apple QuickTime that could reportedly lead to a full compromise of the browser and possibly the underlying operating system.
The vulnerability reported by Petko D. Petkov at gnucitizen.org , who also reported on two other QuickTime vulnerabilities last year.
Firefox 184.108.40.206 is now available for Windows, Mac, and Linux for free download from http://getfirefox.com.