« I Can Think Of Worse Titles | Main | A Little Too Real »

Don't Become An Unknowing Source Of Spam

Posted by Kevin

Published: November 26, 2003 - 9:33 AM

Girlie is out with an urgent fix Movable Type users should make today!

If you are using Movable Type's "Mail This Entry" feature on your blog, you are advised to rename your mt-send-entry.cgi file, or remove the feature entirely.

If you are not using the feature on your blog, you still need to either rename the script, disable it by changing the permissions, or remove it from your server altogether.

Spammers have discovered a means of using this script to send messages that will appear to be coming from your server.

The best advice at this point seems to be to rename the mt-send-entry.cgi file. Ben Trott has a code modification fix you can make now, and the bug will be fixed in the next version of MT.

Kudos to Woody for bringing it to everyones attention.

Update: Movable Type has issued a revised version of the file. If you're not using the functionality, there advice is to delete the file.

  • Currently 0/5
  • 1
  • 2
  • 3
  • 4
  • 5
Rating: 0/5 (0 votes cast)

| Linking Blogs | Sphere: Related Content | Digg this! | FARK It!
Filed under: Tech Stuff

AddThis Feed Button

TrackBack

Listed below are links to weblogs that reference Don't Become An Unknowing Source Of Spam:

» King of Fools linked with Stop Spam

» Res Ipsa Loquitur linked with Important Anti-Spam MT Fix

» Blog House linked with MT vulnerability

» Chaos Magnet linked with Movable Type spam vulnerability

Comments (3)

Anybody know if there's a s... (Below threshold)

1. Posted by jen | November 26, 2003 11:36 AM | Score: 0 (0 votes cast)
jen:

Anybody know if there's a similar problem for pMachine users?

1. Posted by jen | November 26, 2003 11:36 AM | Vote up Vote down Report this comment Score: 0 (0 votes cast)

Posted on November 26, 2003 11:36

You do mean rename 'mt-send... (Below threshold)

2. Posted by King of Fools | November 26, 2003 12:22 PM | Score: 0 (0 votes cast)
King of Fools:

You do mean rename 'mt-send-entry.cgi', right?

2. Posted by King of Fools | November 26, 2003 12:22 PM | Vote up Vote down Report this comment Score: 0 (0 votes cast)

Posted on November 26, 2003 12:22

pMachine seems ok for now. ... (Below threshold)

3. Posted by Kathy K | November 27, 2003 10:57 AM | Score: 0 (0 votes cast)
Kathy K:

pMachine seems ok for now. Though that's possibly because it's not quite as widely used and just hasn't been targeted yet...

3. Posted by Kathy K | November 27, 2003 10:57 AM | Vote up Vote down Report this comment Score: 0 (0 votes cast)

Posted on November 27, 2003 10:57




Advertisements









rightads.gif

beltwaybloggers.gif

insiderslogo.jpg

mba_blue.gif

Search


Follow Wizbang

Follow Wizbang on FacebookFollow Wizbang on TwitterSubscribe to Wizbang feedWizbang Mobile

Contact

Send e-mail tips to us:

tips@wizbangblog.com

Subscribe Via E-Mail

Get Wizbang in your inbox by submitting your email address below.

Get notified by post
Get daily summaries

Fresh Links

The Wizbang® Network

Credits

Section Editor: Maggie Whitton

Editors: Jay Tea, Lorie Byrd, Kim Priestap, DJ Drummond, Michael Laprarie, Baron Von Ottomatic, Shawn Mallow, Rick, Dan Karipides, Michael Avitablile, Charlie Quidnunc, Steve Schippert

Emeritus: Paul, Mary Katherine Ham, Jim Addison, Alexander K. McClure, Cassy Fiano, Bill Jempty, John Stansbury, Rob Port

In Memorium: HughS

All original content copyright © 2003-2010 by Wizbang®, LLC. All rights reserved. Wizbang® is a registered service mark.

Powered by Movable Type Pro 4.361

Hosting by ServInt

Ratings on this site are powered by the Ajax Ratings Pro plugin for Movable Type.

Search on this site is powered by the FastSearch plugin for Movable Type.

Blogrolls on this site are powered by the MT-Blogroll.

Temporary site design is based on Cutline and Cutline for MT. Graphics by Apothegm Designs.

Author Login



Terms Of Service

DCMA Compliance Notice

Privacy Policy