Attackers can reset other users' Wordpress passwords
WordPress developers have released WordPress 2.6.2 and advise users to urgently update to this release. Due to an error in involving SQL column truncation, on WordPress sites with open registration it is possible to craft a new user name which will overwrite another users password with a password based on a random value. On its own, this would be an annoyance, but in combination with a weakness in random number generation in mt_rand() meant it could be possible to predict the randomly generated password.
Further details about possible abuse of the problems is due to be published by Stefan Esser who discovered them. WordPress 2.6.1 and all earlier versions are affected. Also affected are other PHP applications which use earlier versions of the PHP security framework Suhosin; users are advised to upgrade to the current release.
The WordPress 2.6.2 release also includes a handful of bug fixes.