Home » , , , » Default Configuration Flaw in W3 Total Cache Exposes Tens of Thousands of Sites

Default Configuration Flaw in W3 Total Cache Exposes Tens of Thousands of Sites

Written By mediana saputra on Friday, 28 December 2012 | 10:05

wordpress
W3 Total Cache, which boasts high-traffic sites like Mashable and Lockergnome among its users, has serious vulnerabilities, according to this post on the Full Disclosure list.

The default setup – that is, when users simply choose “add plugin” from the WordPress catalogue – left cache directory listings enabled, according to poster Jason Donenfield.

This, he said, allows database cache keys to be downloaded on vulnerable installations – and that could expose password hashes. “A simple google search of "inurl:wp-content/plugins/w3tc/dbcache" and maybe some other magic reveals this wasn't just an issue for me”, he writes.

Donenfield later amended the search term to “inurl:wp-content/w3tc”.

“Even with directory listings off,” he continues, “cache files are by default publicly downloadable, and the key values / file name of the database cache items are easily predictable.”

Donenfield says the developer of the plug-in intends to release a fix “soon”. In the meantime, he notes that “deny from all” should be set in the .htaccess file.
Share this article :

Post a Comment

 
Support : Creating Website | Johny Template | Mas Template
Copyright © 2011. Turorial Grapich Design and Blog Design - All Rights Reserved
Template Created by Creating Website Published by Mas Template
Proudly powered by Blogger