Jan
24

MT Email Spamming

Filed under: Asides | January 24th, 2005
Post

The MT sites I host have been getting hammered with this email spamming flaw that allows arbitrary emails to be sent out from any MT installation. Fortunately I can block it (though bluntly) through mod_security. If you run MT, please delete the comments script until a fix is out. Will link to more information as it’s available. Update: More at TextDrive. Update: Fix available. (8)

8 Responses

Jay Allen | January 24th, 2005 @ 6:33 pm

About to release a patch…

Matt | January 24th, 2005 @ 6:36 pm

That was fast!

Jay Allen | January 24th, 2005 @ 7:32 pm

The changes are small enough to print on a t-shirt. Look to CafePress soon for all of you bug fix gear.

Pingback: 8 Ways to Sunday

Adam M. | January 24th, 2005 @ 8:29 pm

This just in:

The patch has been made available in both upgrade and plug-in flavors. The plug-in is compatible with MT 3.x and 2.661, thank God.

(props: Brad Choate, via the TextDrive forums)

Scott Johnson | January 25th, 2005 @ 10:23 am

It sure was nice to be able to upgrade before the problem ever affected me. The folks at Six Apart are really getting good at this stuff! :)

Michael Heilemann | January 26th, 2005 @ 10:56 pm

Then maybe now I can finally get in contact with my SQL server again :D

Pingback: Binary Bonsai » Archive » Reason for Bonsai Downtime

Share your thoughts

Some Projects

automattic.com
wordpress.org wordpress.com bbpress.org

Archives

See Also

Get RSS Feed

Subscribe to Ma.tt

Get RSS FEED
This page took 0.161 seconds of computer labor to produce. This blog was formerly known as Photo Matt, and lived at photomatt .net. Proudly powered by WordPress. Also powered by ramen noodles, XFN, Ping-O-Matic, and love.

Copyright © 1984–2008 Matthew Mullenweg.