Closed
Bug 869146
Opened 12 years ago
Closed 12 years ago
Wordpress Pingback Vulnerability on http://blog.mozilla.org
Categories
(Websites :: other.mozilla.org, defect)
Websites
other.mozilla.org
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: prakharpd, Unassigned)
References
Details
(Keywords: reporter-external, sec-low, Whiteboard: [site:blog.mozilla.org])
Attachments
(1 file)
|
300.81 KB,
image/png
|
Details |
Portscan using Metasploit Module
Hi,
The blog.mozilla.org is vulnerable to a recent Wordpress Pingback Vulnerability that allows a port scan using the Pingback API . You can even scan the server itself or discover some hosts on the external network using the server. It can even be abused to launch a DDoS attack.
I've attached the screenshot of Metasploit Module showing PortScan of scanme.nmap.org using blog.mozilla.org's IP.
References :
http://www.acunetix.com/blog/web-security-zone/wordpress-pingback-vulnerability/
http://www.pentestgeek.com/2013/01/03/wordpress-pingback-portscanner-metasploit-module/
http://news.softpedia.com/news/WordPress-Pingback-Vulnerability-Can-be-Abused-for-DDOS-Attacks-315722.shtml|
Metasploit Module:
https://raw.github.com/zeknox/metasploit-framework/wordpress_pingback_portscanner.rb/modules/auxiliary/scanner/portscan/wordpress_pingpack_portscanner.rb
|
Reporter | |
Comment 1•12 years ago
|
||
|
||
Updated•12 years ago
|
Group: mozilla-services-security → websites-security
Component: Web Site → other.mozilla.org
Product: Mozilla Services → Websites
:reed - any chance you can help confirm or deny this one?
Flags: needinfo?(reed)
OS: Windows 7 → All
Whiteboard: [site:blog.mozilla.org]
|
||
Updated•12 years ago
|
Flags: needinfo?(reed) → sec-review?
|
||
Updated•12 years ago
|
Flags: sec-review? → sec-bounty?
|
|
Reporter | |
Comment 3•12 years ago
|
||
Any bounty for this one?
|
|
||
Comment 4•12 years ago
|
||
this blog was upgraded to 3.5.1 so it is no longer vulnerable.
|
|
||
Updated•12 years ago
|
Status: UNCONFIRMED → NEW
Ever confirmed: true
raymond can you confirm and close this if confirmed?
Flags: needinfo?(rforbes)
|
|
||
Comment 6•12 years ago
|
||
this has been confirmed as fixed.
https://bugzilla.mozilla.org/show_bug.cgi?id=834467&sourceid=Mozilla-search
Status: NEW → RESOLVED
Closed: 12 years ago
Flags: sec-bounty?
Flags: sec-bounty-
Flags: needinfo?(rforbes)
Keywords: sec-low
Resolution: --- → FIXED
|
||
Updated•12 years ago
|
Group: websites-security
|
||
Updated•11 months ago
|
Keywords: reporter-external
You need to log in
before you can comment on or make changes to this bug.
Description
•