Wordpress Pingback Vulnerability on http://blog.mozilla.org

RESOLVED FIXED

Status

RESOLVED FIXED
6 years ago
4 years ago

People

(Reporter: prakharpd, Unassigned)

Tracking

({sec-low})

unspecified
sec-low
Bug Flags:
sec-bounty -

Details

(Whiteboard: [site:blog.mozilla.org])

Attachments

(1 attachment)

(Reporter)

Description

6 years ago
Hi,

The blog.mozilla.org is vulnerable to a recent Wordpress Pingback Vulnerability that allows a port scan using the Pingback API . You can even scan the server itself or discover some hosts on the external network using the server. It can even be abused to launch a DDoS attack.

I've attached the screenshot of Metasploit Module showing PortScan of scanme.nmap.org using blog.mozilla.org's IP.


References :
http://www.acunetix.com/blog/web-security-zone/wordpress-pingback-vulnerability/
http://www.pentestgeek.com/2013/01/03/wordpress-pingback-portscanner-metasploit-module/
http://news.softpedia.com/news/WordPress-Pingback-Vulnerability-Can-be-Abused-for-DDOS-Attacks-315722.shtml|


Metasploit Module:


https://raw.github.com/zeknox/metasploit-framework/wordpress_pingback_portscanner.rb/modules/auxiliary/scanner/portscan/wordpress_pingpack_portscanner.rb
(Reporter)

Comment 1

6 years ago
Created attachment 746032 [details]
Portscan using Metasploit Module
Group: mozilla-services-security → websites-security
Component: Web Site → other.mozilla.org
Product: Mozilla Services → Websites
:reed - any chance you can help confirm or deny this one?
Flags: needinfo?(reed)
OS: Windows 7 → All
Whiteboard: [site:blog.mozilla.org]
Flags: needinfo?(reed) → sec-review?
Flags: sec-review? → sec-bounty?
(Reporter)

Comment 3

5 years ago
Any bounty for this one?
this blog was upgraded to 3.5.1 so it is no longer vulnerable.
Status: UNCONFIRMED → NEW
Ever confirmed: true
raymond can you confirm and close this if confirmed?
Flags: needinfo?(rforbes)
this has been confirmed as fixed.

https://bugzilla.mozilla.org/show_bug.cgi?id=834467&sourceid=Mozilla-search
Status: NEW → RESOLVED
Last Resolved: 5 years ago
Flags: sec-bounty?
Flags: sec-bounty-
Flags: needinfo?(rforbes)
Keywords: sec-low
Resolution: --- → FIXED
Duplicate of this bug: 890444
Group: websites-security
Duplicate of this bug: 947628
You need to log in before you can comment on or make changes to this bug.