WordPress Security Risk – delete the install.php file! Or possible vulnerability
It is well known that programs get new versions. Each release repairs some bugs, but very often it also introduces new bugs and new vulnerabilities to remote attacks. Anyway, it is always (almost always) better to have the latest version of a program, for example WordPress.
It is easy for an attacker to find out which version of WordPress you are using. If it is an old version, there are for sure vulnerabilities in it, and they are well known: many blogs and forums talk about them! But if the version is the latest, the security bugs are probably still unknown, or if they are known, the information about the vulnerabilities doesn’t spread very fast and fewer people know about it.
To install WordPress you copy all the files to the root folder of the server, then open wp-admin/install.php and start the installation. After you finish the installation it is suggested to delete the install.php file. Many WordPress users also delete upgrade.php!
Here is an image of what is normally shown when the attacker goes to install.php, when there is no error on the database:
A vulnerability has been found in WordPress up to 2.8 (at the time of May 5th 2009) involving the install.php file and crashes of the MySQL database. When the database crashes, the browser shows an error message saying that there was an error establishing a database connection. At that moment it is possible to go to install.php and create a new admin, and a new password is given!
For more information about this vulnerability you can go to the forum at http://perishablepress.com/press/2009/05/05/important-security-fix-for-wordpress/.
What to do to protect your WordPress blog… delete install.php, because it is not needed once WordPress is already installed. And you can back up upgrade.php in another folder outside of your WordPress directories; you will put it back temporarily just for the upgrade.
Another very important step is to delete all the readme files, the txt and html files where the attacker can read the version of WordPress.
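As an added example (not from the post and not part of WordPress), a small POSIX shell helper that carries out the steps above: it deletes wp-admin/install.php, moves wp-admin/upgrade.php to a folder outside the web root so it can be put back for the next upgrade, and removes the readme files; the function names wp_harden and wp_check and the quarantine folder layout are assumptions.

```shell
#!/bin/sh
# Added example (not from the post): hardening helper for an installed
# WordPress site. Function names wp_harden/wp_check and the quarantine
# folder layout are assumptions.
#
# Usage: sh wp_harden.sh /var/www/blog /var/backups/wp-quarantine

# Delete install.php, move upgrade.php out of the web root and delete the
# readme files. $1 = WordPress root, $2 = folder outside the web root.
wp_harden() {
    wp_root="$1"
    quarantine="$2"
    # install.php is not needed once WordPress is installed: delete it.
    rm -f "$wp_root/wp-admin/install.php"
    # upgrade.php is kept outside the web root so it can be put back
    # temporarily for the next upgrade.
    if [ -f "$wp_root/wp-admin/upgrade.php" ]; then
        mkdir -p "$quarantine/wp-admin"
        mv "$wp_root/wp-admin/upgrade.php" "$quarantine/wp-admin/upgrade.php"
    fi
    # readme files reveal the WordPress version to anyone who requests them.
    rm -f "$wp_root"/readme.html "$wp_root"/readme.txt
}

# Return 0 when none of the sensitive files is reachable under the web
# root, 1 otherwise (each file still present is listed on stderr).
wp_check() {
    wp_root="$1"
    status=0
    for f in wp-admin/install.php wp-admin/upgrade.php readme.html readme.txt; do
        if [ -e "$wp_root/$f" ]; then
            echo "still reachable: $f" >&2
            status=1
        fi
    done
    return "$status"
}

# Run only when called with both arguments, so the functions can also
# be sourced from another script.
if [ "$#" -eq 2 ]; then
    wp_harden "$1" "$2"
    wp_check "$1"
fi
```

Run wp_check again after every upgrade, since restoring upgrade.php for the upgrade and forgetting it in the web root undoes the hardening.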
If you have any information about this issue being resolved in WordPress 2.8 or 2.8 RC1, please comment.
Thanks for reading
Do you have a blog? Let’s exchange our links!
Any question? You need our FAST help? Go to our forum and ask for FREE!
6 Responses to WordPress Security Risk – delete the install.php file! Or possible vulnerability
[...] Do you want to read something more about WordPress vulnerabilities and how to protect? Go here… [...]
hi,
nice and very helpful information.
thanks
Great article and information!
Thank you!
All The Best!
Excellent post mate. I have found you on Google. I will come back again. I hope you have a great day. Cheers!
Thanks For Sharing Guys…
And what about hiding the PHP version when it is shown by the server?