diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
commit | 4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch) | |
tree | ba5f07bf3f9d22d82e54a462313f5d244036c768 /metadata/glsa/glsa-200701-10.xml |
reinit the tree, so we can have metadata
Diffstat (limited to 'metadata/glsa/glsa-200701-10.xml')
-rw-r--r-- | metadata/glsa/glsa-200701-10.xml | 75 |
1 files changed, 75 insertions, 0 deletions
diff --git a/metadata/glsa/glsa-200701-10.xml b/metadata/glsa/glsa-200701-10.xml new file mode 100644 index 000000000000..354f12b29fdd --- /dev/null +++ b/metadata/glsa/glsa-200701-10.xml @@ -0,0 +1,75 @@ +<?xml version="1.0" encoding="utf-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="200701-10"> + <title>WordPress: Multiple vulnerabilities</title> + <synopsis> + WordPress is vulnerable to SQL injection, information disclosure, and + cross-site scripting attacks. + </synopsis> + <product type="ebuild">wordpress</product> + <announced>2007-01-15</announced> + <revised>2007-01-15: 01</revised> + <bug>159229</bug> + <access>remote</access> + <affected> + <package name="www-apps/wordpress" auto="yes" arch="*"> + <unaffected range="ge">2.0.6</unaffected> + <vulnerable range="lt">2.0.6</vulnerable> + </package> + </affected> + <background> + <p> + WordPress is a popular personal publishing platform with a web + interface. + </p> + </background> + <description> + <p> + When decoding trackbacks with alternate character sets, WordPress does + not correctly sanitize the entries before further modifying a SQL + query. WordPress also displays different error messages in wp-login.php + based upon whether or not a user exists. David Kierznowski has + discovered that WordPress fails to properly sanitize recent file + information in /wp-admin/templates.php before sending that information + to a browser. + </p> + </description> + <impact type="normal"> + <p> + An attacker could inject arbitrary SQL into WordPress database queries. + An attacker could also determine if a WordPress user existed by trying + to login as that user, better facilitating brute force attacks. Lastly, + an attacker authenticated to view the administrative section of a + WordPress instance could try to edit a file with a malicious filename; + this may cause arbitrary HTML or JavaScript to be executed in users' + browsers viewing /wp-admin/templates.php. + </p> + </impact> + <workaround> + <p> + There is no known workaround at this time. + </p> + </workaround> + <resolution> + <p> + All WordPress users should upgrade to the latest version: + </p> + <code> + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-apps/wordpress-2.0.6"</code> + </resolution> + <references> + <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6808">CVE-2006-6808</uri> + <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0107">CVE-2007-0107</uri> + <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0109">CVE-2007-0109</uri> + </references> + <metadata tag="requester" timestamp="2007-01-08T10:45:23Z"> + vorlon + </metadata> + <metadata tag="submitter" timestamp="2007-01-09T13:32:54Z"> + shellsage + </metadata> + <metadata tag="bugReady" timestamp="2007-01-12T13:12:39Z"> + falco + </metadata> +</glsa> |