Movable Type Security Hole

If you use Movable Type, you need to read this and this right away, and then you need to get on the horn to your webmaster instantly and tell them they’ve got a big fucking problem on their hands.

The short summary: Movable Type can be turned into an open spam relay if you poke one of their default scripts the right way, and this is already being exploited in the wild.

Shaver, wise and powerful, has instantly fixed the problem on this machine, but if you’ve got your own MT stuff running, you need to either fix it right now or phone somebody who can.

Quick fix: chmod 000 mt-send-entry.cgi
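As an added example (not code from the original post or from Movable Type), a small POSIX shell audit: it counts requests to mt-send-entry.cgi in a web access log, so you can see whether the relay was already being hit, and then applies the chmod 000 fix above. The log lines, directory paths and function names are constructed for the demo.

```shell
# Added example, not code from the original post or from Movable Type.
# Audits an MT install for the mt-send-entry.cgi relay hole: counts requests
# to the script in an access log, then applies the post's quick fix
# (chmod 000). Paths and log lines are constructed for the demo.

# Constructed Apache combined-format log lines for the demo.
write_sample_log() {
  cat > "$1" <<'EOF'
192.0.2.10 - - [27/Nov/2003:14:01:02 -0500] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/4.0"
192.0.2.10 - - [27/Nov/2003:14:01:09 -0500] "GET /mt/mt-send-entry.cgi?entry_id=42 HTTP/1.1" 200 1803 "-" "Mozilla/4.0"
198.51.100.7 - - [27/Nov/2003:14:02:11 -0500] "POST /mt/mt-send-entry.cgi HTTP/1.0" 200 412 "-" "-"
198.51.100.7 - - [27/Nov/2003:14:02:12 -0500] "POST /mt/mt-send-entry.cgi HTTP/1.0" 200 412 "-" "-"
203.0.113.5 - - [27/Nov/2003:14:03:40 -0500] "GET /mt/mt-comments.cgi HTTP/1.1" 200 900 "-" "Mozilla/4.0"
EOF
}

# Total requests that reached mt-send-entry.cgi (prints 0 when none).
send_entry_hits() {
  grep -c 'mt-send-entry\.cgi' "$1" || true
}

# Distinct client addresses behind those requests; many addresses that
# only ever touch this script is what an abused relay looks like in the log.
send_entry_sources() {
  grep 'mt-send-entry\.cgi' "$1" | awk '{ print $1 }' | sort -u | wc -l | tr -d ' '
}

# The post's quick fix: clear every permission bit so the web server
# can no longer run the script. Prints "absent" if it is not installed.
disable_send_entry() {
  script="$1/mt-send-entry.cgi"
  [ -e "$script" ] || { echo "absent"; return 0; }
  chmod 000 "$script" && echo "disabled"
}

# True when the script is missing or carries no permission bits at all
# (checked via ls rather than -r/-x, which root would pass anyway).
send_entry_is_disabled() {
  script="$1/mt-send-entry.cgi"
  [ -e "$script" ] || return 0
  [ "$(ls -l "$script" | cut -c2-10)" = "---------" ]
}

# Demo on a scratch directory standing in for the MT cgi-bin.
work=$(mktemp -d)
write_sample_log "$work/access.log"
echo "mt-send-entry.cgi: $(send_entry_hits "$work/access.log") requests from $(send_entry_sources "$work/access.log") addresses"
touch "$work/mt-send-entry.cgi" && chmod 755 "$work/mt-send-entry.cgi"
echo "fix: $(disable_send_entry "$work")"
rm -rf "$work"
```

Point the audit at your real access log and MT cgi directory in place of the scratch copies; the permission check deliberately uses ls so it still reports correctly when run as root.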

5 Comments

  1. Posted November 27, 2003 at 4:48 pm | Permalink

    Plugged. Thanks for pointing this out, Mike.

  2. Mike Hoye
    Posted November 27, 2003 at 6:30 pm | Permalink

    Honour to serve, etc.

  3. Posted November 28, 2003 at 3:53 am | Permalink

    Another quick fix:

    rm mt-send-entry.cgi

    Unless you’ve deliberately enabled this feature, you’ll never notice.

  4. Mike Hoye
    Posted November 28, 2003 at 3:01 pm | Permalink

    Yeah, I put that up before I’d figured out if it was patchable, or if a patch was going to be issued or whatever.

  5. Posted December 1, 2003 at 12:41 pm | Permalink

    Thanks for the heads-up.