• Home
  • Free Stuff
  • About
  • Contact

The Easiest Way to Upgrade WordPress 2.6.2 into 2.6.3

October 27, 2008

WordPress 2.6.3 has been officially announced a few days. According to the announcement, the problem occurred on the snoopy library, which used to fetch the feeds shown in the Dashboard on the Administration Panel.

It’s a few update anyway, which only related to the vulnerability as reported by Secunia Advisories.

A vulnerability has been discovered in Snoopy, which can be exploited by malicious people to compromise a vulnerable system.

Input passed to the “_httpsrequest()” function isn’t properly sanitized before being used in an “exec()” call. This can be exploited to inject arbitrary shell commands via a script calling the “fetch()” or “submit()” function with an URL controlled by the attacker.

Although it was a small and low-risk vulnerability, it should be better to upgrade the engine into latest version to prevent any malicious usage. If so, how to easily upgrade WP 2.6.2 into WP 2.6.3 ?

  • SSH into remote server where blog has hosted
  • Navigate into wp-includes folder
    [code language=’cpp’]wget -m -nd http://trac.wordpress.org/export/9310/tags/2.6.3/wp-includes/class-snoopy.php
    wget -m -nd http://trac.wordpress.org/export/9310/tags/2.6.3/wp-includes/version.php[/code]

If you have no access to the SSH account, replace the above file using FTP client.

Share

Blog

Masim "Vavai" Sugianto
Traveller, Open Source Enthusiast & Book Lover. Works as Independent Worker & Self-Employer.

Leave A Reply


Akismet Error : Cannot load akismet-admin page | Spirit of Change
October 27, 2008 at 18:32
Reply

[…] got an error after upgrading WordPress into ver 2.6.3 and updating Akismet plugin into ver […]



Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

  • Recent Posts

    • Januari 2021 Portfolio Update
    • December 2020 Portfolio Update
    • After a While
    • Life goes On : Farming
    • Pursuing FIRE in Indonesia : Are You Prepared For A Recession?
    • VirtualBox Error Kernel Driver not Installed (rc=-1908) on Zorin OS 15.2
    • ZorinOS on Intel NUC Hades Canyon Series NUC817HVK
    • Banana Farm
    • Zorin OS 15.2 Ultimate
    • Haraka and LDAP Authentication with Zimbra



© Copyright LetsBlog Theme Demo - Theme by ThemeGoods