Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title New wordpress packages fix multiple vulnerabilities
Informations
Name DSA-1285 First vendor Publication 2007-05-01
Vendor Debian Last vendor Modification 2007-05-01
Severity (Vendor) N/A Revision 1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:S/C:P/I:P/A:P)
Cvss Base Score 6.5 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 8 Authentication Requires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

CVE-2007-1622 Cross-site scripting (XSS) vulnerability in wp-admin/vars.php in WordPress before 2.0.10 RC2, and before 2.1.3 RC2 in the 2.1 series, allows remote authenticated users with theme privileges to inject arbitrary web script or HTML via the PATH_INFO in the administration interface, related to loose regular expression processing of PHP_SELF.

CVE-2007-1893 WordPress 2.1.2, and probably earlier, allows remote authenticated users with the contributor role to bypass intended access restrictions and invoke the publish_posts functionality, which can be used to "publish a previously saved post."

CVE-2007-1894 Cross-site scripting (XSS) vulnerability in wp-includes/general-template.php in WordPress before 20070309 allows remote attackers to inject arbitrary web script or HTML via the year parameter in the wp_title function.

CVE-2007-1897 SQL injection vulnerability in xmlrpc.php in WordPress 2.1.2, and probably earlier, allows remote authenticated users to execute arbitrary SQL commands via a string parameter value in an XML RPC mt.setPostCategories method call, related to the post_id variable.

For the stable distribution (etch) these issues have been fixed in version 2.0.10-1.

For the testing and unstable distributions (lenny and etch, respectively), these issues have been fixed in version 2.1.3-1

We recommend that you upgrade your wordpress package.

Original Source

Url : http://www.debian.org/security/2007/dsa-1285

CWE : Common Weakness Enumeration

% Id Name
50 % CWE-264 Permissions, Privileges, and Access Controls
50 % CWE-89 Improper Sanitization of Special Elements used in an SQL Command ('SQL Injection') (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:20115
 
Oval ID: oval:org.mitre.oval:def:20115
Title: DSA-1285-1 wordpress
Description: Cross-site scripting (XSS) vulnerability in wp-admin/vars.php in WordPress before 2.0.10 RC2, and before 2.1.3 RC2 in the 2.1 series, allows remote authenticated users with theme privileges to inject arbitrary web script or HTML via the PATH_INFO in the administration interface, related to loose regular expression processing of PHP_SELF.
Family: unix Class: patch
Reference(s): DSA-1285-1
CVE-2007-1622
CVE-2007-1893
CVE-2007-1894
CVE-2007-1897
 Version: 5
Platform(s): Debian GNU/Linux 4.0
 Product(s): wordpress
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 122

Open Source Vulnerability Database (OSVDB)

Id Description
34351 WordPress xmlrpc.php XML RPC mt.setPostCategories Method Call SQL Injection
34350 WordPress xmlrpc.php publish_posts Functionality Access Restriction Bypass
34348 WordPress wp-admin/vars.php PHP_SELF Parameter XSS
33978 WordPress wp-includes/general-template.php year Variable wp_title Function XSS

Snort® IPS/IDS

Date Description
2017-08-08 WordPress wp_title function cross site scripting attempt
RuleID : 43458 - Revision : 2 - Type : SERVER-WEBAPP

Nessus® Vulnerability Scanner

Date Description
2007-05-03 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1285.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:26:36
  • Multiple Updates