What made the recent XML RPC exploits so serious? The fact that each PHP application implementing XML-RPC has taken a static copy of one library, which needed to be individually patched.

That's why code sharing is so important. Look at the list of vulnerable apps: Drupal; wordpress; Xoops; the PEAR copy; what looks like the original; Serendipity; phpMyFaq...

Comments

✏ comment on this page (Help on commenting) ⏳