Current Activity - Increased Exploitation in Web Content Management Systems

[Current Activity <us-cert () us-cert gov>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

National Cyber Awareness System

US-CERT Current Activity
Increased Exploitation in Web Content Management Systems

Original release date: September 21, 2012
Last revised: --

US-CERT is aware of recent increases in the exploitation of known
vulnerabilities in web content management systems (CMSs) such as
Wordpress and Joomla. Compromised CMS installations can be used to host
malicious content.

US-CERT recommends that users and administrators ensure that their CMS
installations are patched or upgraded to remove known vulnerabilities.
This may require contacting the hosting provider. Also, users and
administrators can check for known vulnerabilities in the National
Vulnerability Database by searching their CMS by name.

Relevant URL(s):
<http://web.nvd.nist.gov/view/vuln/search>


____________________________________________________________________

   Produced by US-CERT, a government organization.
____________________________________________________________________

This product is provided subject to this Notification:
http://www.us-cert.gov/privacy/notification.html

Privacy & Use policy:
http://www.us-cert.gov/privacy/

This document can also be found at
http://www.us-cert.gov/current/#increase_exploitation_in_web_content

For instructions on subscribing to or unsubscribing from this
mailing list, visit http://www.us-cert.gov/cas/signup.html

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBUFzb0ndnhE8Qi3ZhAQJjWgf+M/pDbexLZ6eRyRaqsE0LcePYpcwPnDqD
5CjtzLcT7vxW7AW+R5Hblsun+UKUPOBNeFH2X/IuZKvd6XKTZNopkxwVD6fkGPB1
/1zNA9sYcWnAx93g6Qqyn7uOCSqJDYNewLUEpiqUe7c8TqV1MFrnP75kW2MefFXN
ty6HK63euzCCNy7CJC2QBrPhJtW1gY/3t7nWb6EYcgQl7TB9GOKEXvWGdCOTfRj3
nQzzNEjNSolYBXxz9TFKaXOXJk2mKA2+D2nvTWdpPtYG+2vyoJlU5l4n3eoHAcfi
Uz036mkP7uHkYCHHDcNveajQpk+54cnM/xD7rgRynv1uJPZzVHunvg==
=hf3g
-----END PGP SIGNATURE-----