Professional OVAL Repository
[Eng]
[Rus]
[Sign-In]
OVAL
Search
Categories
RedCheck
About
OVAL Definitions
OVAL Items
FSTEC Data Bank Information Security Threats
NKCKI
EOL (End Of Life)
Linux Security Advisories
Mozilla Foundation Security Advisory
IBM
VMware
Cisco
Check Point Software Technologies
Apache
Solaris
FreeBSD
Development
GitHub Enterprise
Google Chrome Security Advisories
Oracle Security Advisories
Adobe Security Advisories
OpenSSL Security Advisories
Microsoft
CVE
CWE
CPE
Latest Updates
OS ROSA
ALT Linux
Astra Linux
RED OS
DSA (Debian Security Advisory) Patсh Statistics
DSA (Debian Security Advisory) Patсh Feed
DSA (Debian Security Advisory) Vulnerability Feed
DLA (Debian Security Advisory) Patсh Statistics
DLA (Debian Security Advisory) Patсh Feed
DLA (Debian Security Advisory) Vulnerability Feed
ALT Linux (Security Bulletins) Patсh Statistics
ALT Linux (Security Bulletins) Patсh Feed
ALT Linux (Security Bulletins) Vulnerability Feed
RED OS (Security Bulletins) Patсh Statistics
RED OS (Security Bulletins) Patсh Feed
RED OS (Security Bulletins) Vulnerability Feed
USN (Ubuntu Security Notice) Patсh Statistics
USN (Ubuntu Security Notice) Patсh Feed
USN (Ubuntu Security Notice) Vulnerability Feed
RHSA (RedHat Security Advisory) Patсh Statistics
RHSA (RedHat Security Advisory) Patсh Feed
RHSA (RedHat Security Advisory) Vulnerability Feed
ELSA (Oracle Linux Security Advisory) Patсh Statistics
ELSA (Oracle Linux Security Advisory) Patсh Feed
ELSA (Oracle Linux Security Advisory) Vulnerability Feed
SUSE (SUSE Security Advisories) Patсh Statistics
SUSE (SUSE Security Advisories) Patсh Feed
SUSE (SUSE Security Advisories) Vulnerability Feed
openSUSE (openSUSE Security Advisories) Patсh Statistics
openSUSE (openSUSE Security Advisories) Patсh Feed
openSUSE (openSUSE Security Advisories) Vulnerability Feed
Amazon Linux AMI (Security Bulletins) Patсh Statistics
Amazon Linux AMI (Security Bulletins) Patсh Feed
Amazon Linux AMI (Security Bulletins) Vulnerability Feed
Mageia Linux (Security Bulletins) Patсh Statistics
Mageia Linux (Security Bulletins) Patсh Feed
Mageia Linux (Security Bulletins) Vulnerability Feed
OS ROSA SX COBALT 1.0
OS ROSA DX COBALT 1.0
ROSA 7.3 (Security Advisories) Patсh Statistics
ROSA 7.3 (Security Advisories) Patсh Feed
ROSA 7.3 (Security Advisories) Vulnerability Feed
ALT Linux SPT 6.0
ALT Linux SPT 7.0
ALT 8 SP
ALT 9
Astra Linux SE 1.5
Astra Linux SE 1.6
Astra Linux SE 1.7
Astra Linux SE 1.8
RED OS Murom 7.1
RED OS Murom 7.2
IBM DB2
VMware Vulnerabilities Advisory (VMSA)
VMware vCenter Patch Advisories
VMware ESXi Patch Advisories
VMware NSX Patches
VMware NSX Vulnerabilities
VMware Photon OS 1.0 Patches
VMware Photon OS 1.0 Vulnerabilities
VMware Photon OS 2.0 Patches
VMware Photon OS 2.0 Vulnerabilities
Cisco ASA
Cisco IOS/NX-OS Advisory
Cisco NX-OS Vulnerabilities
Check Point Gaia
Apache Tomcat Advisories
Apache Tomcat Server
Apache HTTP Server
Python
Node.js
RubyGems
Qt
Microsoft Security Bulletin
Microsoft Knowledge Base Article
Microsoft SharePoint
Microsoft SharePoint Foundation 2013
Microsoft SharePoint Server 2013
Microsoft SharePoint Server 2016
About OVALdb
User manual
Pricing
Contact us
OVAL Definitions
>
OVAL Definition Details
Id
oval:ru.altx-soft.nix:def:12947
[Eng]
Version
7
Class
patch
ALTXid
30484
Language
Russian
Severity
NotAvailable
Title
Обновление DSA-1871-2 wordpress - несколько уязвимостей
Description
The previous wordpress update introduced a regression when fixing CVE-2008-4769 due to a function that was not backported with the patch. Please note that this regression only affects the oldstable distribution . For reference the original advisory text follows. Several vulnerabilities have been discovered in wordpress, weblog manager. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-6762 It was discovered that wordpress is prone to an open redirect vulnerability which allows remote attackers to conduct phishing atacks. CVE-2008-6767 It was discovered that remote attackers had the ability to trigger an application upgrade, which could lead to a denial of service attack. CVE-2009-2334 It was discovered that wordpress lacks authentication checks in the plugin configuration, which might leak sensitive information. CVE-2009-2854 It was discovered that wordpress lacks authentication checks in various actions, thus allowing remote attackers to produce unauthorised edits or additions. CVE-2009-2851 It was discovered that the administrator interface is prone to a cross-site scripting attack. CVE-2009-2853 It was discovered that remote attackers can gain privileges via certain direct requests. CVE-2008-1502 It was discovered that the _bad_protocol_once function in KSES, as used by wordpress, allows remote attackers to perform cross-site scripting attacks. CVE-2008-4106 It was discovered that wordpress lacks certain checks around user information, which could be used by attackers to change the password of a user. CVE-2008-4769 It was discovered that the get_category_template function is prone to a directory traversal vulnerability, which could lead to the execution of arbitrary code. CVE-2008-4796 It was discovered that the _httpsrequest function in the embedded snoopy version is prone to the execution of arbitrary commands via shell metacharacters in https URLs. CVE-2008-5113 It was discovered that wordpress relies on the REQUEST superglobal array in certain dangerous situations, which makes it easier to perform attacks via crafted cookies. For the stable distribution , these problems have been fixed in version 2.5.1-11+lenny1. For the oldstable distribution , these problems have been fixed in version 2.0.10-1etch5. For the testing distribution and the unstable distribution , these problems have been fixed in version 2.8.3-1. We recommend that you upgrade your wordpress packages.
Family
unix
Platform
Debian GNU/Linux 4.0
Product
wordpress
Reference
VENDOR: DSA-1871-2
VENDOR: DSA-1871-2
Id:
DSA-1871-2
Reference:
http://lists.debian.org/debian-security-announce/2009/msg00193.html
CVE: CVE-2008-6762
CVE: CVE-2008-6762
Id:
CVE-2008-6762
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6762
Comment
: Open redirect vulnerability in wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the backto parameter.
CVSSv2 Score:
4.3
Access vector:
NETWORK
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
NONE
Availability impact:
NONE
CVSSv2 Vector:
AV:N/AC:M/Au:N/C:P/I:N/A:N
CWE:
59 (Improper Link Resolution Before File Access ('Link Following'))
References:
20081222 [ISecAuditors Security Advisories] Wordpress is vulnerable to an unauthorized upgrade and XSS (BUGTRAQ)
52213 (OSVDB)
DSA-1871 (DEBIAN)
wordpress-upgrade-phishing(50382) (XF)
CVE: CVE-2008-6767
CVE: CVE-2008-6767
Id:
CVE-2008-6767
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6767
Comment
: wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote attackers to upgrade the application, and possibly cause a denial of service (application outage), via a direct request.
CVSSv2 Score:
10
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
COMPLETE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
References:
20081222 [ISecAuditors Security Advisories] Wordpress is vulnerable to an unauthorized upgrade and XSS (BUGTRAQ)
DSA-1871 (DEBIAN)
wordpress-upgrade-sec-bypass(50384) (XF)
CVE: CVE-2009-2334
CVE: CVE-2009-2334
Id:
CVE-2009-2334
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2334
Comment
: wp-admin/admin.php in WordPress and WordPress MU before 2.8.1 does not require administrative authentication to access the configuration of a plugin, which allows remote attackers to specify a configuration file in the page parameter to obtain sensitive information or modify this file, as demonstrated by the (1) collapsing-archives/options.txt, (2) akismet/readme.txt, (3) related-ways-to-take-action/options.php, (4) wp-security-scan/securityscan.php, and (5) wp-ids/ids-admin.php files. NOTE: this can be leveraged for cross-site scripting (XSS) and denial of service.
CVSSv2 Score:
4.9
Access vector:
NETWORK
Access complexity:
MEDIUM
Authentication:
SINGLE
Confidentiality impact:
PARTIAL
Integrity impact:
PARTIAL
Availability impact:
NONE
CVSSv2 Vector:
AV:N/AC:M/Au:S/C:P/I:P/A:N
CWE:
287 (Improper Authentication)
References:
http://corelabs.coresecurity.com/index.php?action=view&type=advisory&name=WordPress_Privileges_Unchecked (MISC)
1022528 (SECTRACK)
http://wordpress.org/development/2009/07/wordpress-2-8-1/ (CONFIRM)
DSA-1871 (DEBIAN)
9110 (EXPLOIT-DB)
55712 (OSVDB)
55715 (OSVDB)
20090708 CORE-2009-01515 - WordPress Privileges Unchecked in admin.php and Multiple Information (BUGTRAQ)
35584 (BID)
ADV-2009-1833 (VUPEN)
FEDORA-2009-8529 (FEDORA)
FEDORA-2009-8538 (FEDORA)
FEDORA-2009-7701 (FEDORA)
FEDORA-2009-7729 (FEDORA)
CVE: CVE-2009-2854
CVE: CVE-2009-2854
Id:
CVE-2009-2854
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2854
Comment
: Wordpress before 2.8.3 does not check capabilities for certain actions, which allows remote attackers to make unauthorized edits or additions via a direct request to (1) edit-comments.php, (2) edit-pages.php, (3) edit.php, (4) edit-category-form.php, (5) edit-link-category-form.php, (6) edit-tag-form.php, (7) export.php, (8) import.php, or (9) link-add.php in wp-admin/.
CVSSv2 Score:
6.4
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
PARTIAL
Availability impact:
NONE
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:N
CWE:
264 (Permissions, Privileges, and Access Controls)
References:
http://core.trac.wordpress.org/changeset/11765 (CONFIRM)
http://core.trac.wordpress.org/changeset/11766 (CONFIRM)
http://wordpress.org/development/2009/08/wordpress-2-8-3-security-release/ (CONFIRM)
DSA-1871 (DEBIAN)
[oss-security] 20090804 CVE request: Wordpress (MLIST)
CVE: CVE-2009-2851
CVE: CVE-2009-2851
Id:
CVE-2009-2851
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2851
Comment
: Cross-site scripting (XSS) vulnerability in the administrator interface in WordPress before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via a comment author URL.
CVSSv2 Score:
4.3
Access vector:
NETWORK
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
PARTIAL
Availability impact:
NONE
CVSSv2 Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N
CWE:
79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))
References:
http://bugs.gentoo.org/show_bug.cgi?id=278492 (CONFIRM)
1022589 (SECTRACK)
http://wordpress.org/development/2009/07/wordpress-2-8-2/ (CONFIRM)
DSA-1871 (DEBIAN)
[oss-security] 20090721 CVE Request -- WordPress (MLIST)
https://bugzilla.redhat.com/show_bug.cgi?id=512900 (CONFIRM)
FEDORA-2009-8109 (FEDORA)
FEDORA-2009-8114 (FEDORA)
CVE: CVE-2009-2853
CVE: CVE-2009-2853
Id:
CVE-2009-2853
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2853
Comment
: Wordpress before 2.8.3 allows remote attackers to gain privileges via a direct request to (1) admin-footer.php, (2) edit-category-form.php, (3) edit-form-advanced.php, (4) edit-form-comment.php, (5) edit-link-category-form.php, (6) edit-link-form.php, (7) edit-page-form.php, and (8) edit-tag-form.php in wp-admin/.
CVSSv2 Score:
10
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
COMPLETE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
CWE:
264 (Permissions, Privileges, and Access Controls)
References:
http://core.trac.wordpress.org/changeset/11768 (CONFIRM)
http://core.trac.wordpress.org/changeset/11769 (CONFIRM)
http://wordpress.org/development/2009/08/wordpress-2-8-3-security-release/ (CONFIRM)
DSA-1871 (DEBIAN)
[oss-security] 20090804 CVE request: Wordpress (MLIST)
CVE: CVE-2008-1502
CVE: CVE-2008-1502
Id:
CVE-2008-1502
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1502
Comment
: The _bad_protocol_once function in phpgwapi/inc/class.kses.inc.php in KSES, as used in eGroupWare before 1.4.003, Moodle before 1.8.5, and other products, allows remote attackers to bypass HTML filtering and conduct cross-site scripting (XSS) attacks via a string containing crafted URL protocols.
CVSSv2 Score:
4.3
Access vector:
NETWORK
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
PARTIAL
Availability impact:
NONE
CVSSv2 Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N
CWE:
79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))
References:
http://docs.moodle.org/en/Release_Notes#Moodle_1.8.5 (CONFIRM)
SUSE-SR:2008:015 (SUSE)
29491 (SECUNIA)
30073 (SECUNIA)
30986 (SECUNIA)
31017 (SECUNIA)
31018 (SECUNIA)
31167 (SECUNIA)
32400 (SECUNIA)
32446 (SECUNIA)
DSA-1691 (DEBIAN)
DSA-1871 (DEBIAN)
http://www.egroupware.org/changelog (CONFIRM)
http://www.egroupware.org/viewvc/branches/1.4/phpgwapi/inc/class.kses.inc.php?r1=23625&r2=25110&pathrev=25110 (MISC)
GLSA-200805-04 (GENTOO)
[oss-security] 20080708 Re: CVE request: moodle xss in < 1.8.5 (MLIST)
28424 (BID)
ADV-2008-0989 (VUPEN)
egroupware-badprotocolonce-security-bypass(41435) (XF)
USN-658-1 (UBUNTU)
FEDORA-2008-6226 (FEDORA)
CVE: CVE-2008-4106
CVE: CVE-2008-4106
Id:
CVE-2008-4106
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4106
Comment
: WordPress before 2.6.2 does not properly handle MySQL warnings about insertion of username strings that exceed the maximum column width of the user_login column, and does not properly handle space characters when comparing usernames, which allows remote attackers to change an arbitrary user's password to a random value by registering a similar username and then requesting a password reset, related to a "SQL column truncation vulnerability." NOTE: the attacker can discover the random password by also exploiting CVE-2008-4107.
CVSSv2 Score:
5.1
Access vector:
NETWORK
Access complexity:
HIGH
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
PARTIAL
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:H/Au:N/C:P/I:P/A:P
CWE:
20 (Improper Input Validation)
References:
[oss-security] 20080916 Re: CVE request: wordpress < 2.6.2 (MLIST)
31737 (SECUNIA)
31870 (SECUNIA)
4272 (SREASON)
1020869 (SECTRACK)
http://wordpress.org/development/2008/09/wordpress-262/ (CONFIRM)
DSA-1871 (DEBIAN)
[oss-security] 20080911 CVE request: wordpress < 2.6.2 (MLIST)
20080911 Advisory 05/2008: Wordpress user_login Column SQL Truncation Vulnerability (BUGTRAQ)
31068 (BID)
http://www.sektioneins.de/advisories/SE-2008-05.txt (MISC)
http://www.suspekt.org/2008/08/18/mysql-and-sql-column-truncation-vulnerabilities/ (MISC)
ADV-2008-2553 (VUPEN)
6397 (EXPLOIT-DB)
6421 (EXPLOIT-DB)
FEDORA-2008-7760 (FEDORA)
FEDORA-2008-7902 (FEDORA)
CVE: CVE-2008-4769
CVE: CVE-2008-4769
Id:
CVE-2008-4769
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4769
Comment
: Directory traversal vulnerability in the get_category_template function in wp-includes/theme.php in WordPress 2.3.3 and earlier, and 2.5, allows remote attackers to include and possibly execute arbitrary PHP files via the cat parameter in index.php. NOTE: some of these details are obtained from third party information.
CVSSv2 Score:
9.3
Access vector:
NETWORK
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
COMPLETE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C
CWE:
22 (Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'))
References:
29949 (SECUNIA)
http://trac.wordpress.org/changeset/7586 (MISC)
DSA-1871 (DEBIAN)
http://www.juniper.fi/security/auto/vulnerabilities/vuln28845.html (MISC)
28845 (BID)
wordpress-cat-directory-traversal(41920) (XF)
CVE: CVE-2008-4796
CVE: CVE-2008-4796
Id:
CVE-2008-4796
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4796
Comment
: The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3 and earlier, as used in (1) ampache, (2) libphp-snoopy, (3) mahara, (4) mediamate, (5) opendb, (6) pixelpost, and possibly other products, allows remote attackers to execute arbitrary commands via shell metacharacters in https URLs.
CVSSv2 Score:
10
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
COMPLETE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
CWE:
78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'))
References:
JVN#20502807 (JVN)
JVNDB-2008-000074 (JVNDB)
http://sourceforge.net/forum/forum.php?forum_id=879959 (CONFIRM)
32361 (SECUNIA)
[oss-security] 20081101 CVE-2008-4796: snoopy triage (MLIST)
31887 (BID)
DSA-1691 (DEBIAN)
DSA-1871 (DEBIAN)
ADV-2008-2901 (VUPEN)
https://www.nagios.org/projects/nagios-core/history/4x/ (CONFIRM)
GLSA-201702-26 (GENTOO)
snoopy-snoopyclass-command-execution(46068) (XF)
20080907 xoops-1.3.10 shell command execute vulnerability ( causing snoopy class ) (BUGTRAQ)
CVE: CVE-2008-5113
CVE: CVE-2008-5113
Id:
CVE-2008-5113
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5113
Comment
: WordPress 2.6.3 relies on the REQUEST superglobal array in certain dangerous situations, which makes it easier for remote attackers to conduct delayed and persistent cross-site request forgery (CSRF) attacks via crafted cookies, as demonstrated by attacks that (1) delete user accounts or (2) cause a denial of service (loss of application access). NOTE: this issue relies on the presence of an independent vulnerability that allows cookie injection.
CVSSv2 Score:
4
Access vector:
NETWORK
Access complexity:
HIGH
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
PARTIAL
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:H/Au:N/C:N/I:P/A:P
CWE:
352 ()
References:
http://bugs.debian.org/504771 (CONFIRM)
[oss-security] 20081113 CVE request: wordpress can be subject of delayed attacks via cookies (MLIST)
DSA-1871 (DEBIAN)
wordpress-request-weak-security(46698) (XF)
Content available only for registered users!
ovaldb@altx-soft.com