Posted: Fri Jun 09, 2006 10:26 pm Post subject: [ GLSA 200606-08 ] WordPress: Arbitrary command execution
Gentoo Linux Security Advisory
Title: WordPress: Arbitrary command execution (GLSA 200606-08)
Date: June 09, 2006
Updated: June 10, 2006
WordPress fails to sufficiently check the format of cached username data.
WordPress is a PHP and MySQL based content management and publishing system.
Vulnerable: < 2.0.3
Unaffected: >= 2.0.3
Architectures: All supported architectures
rgod discovered that WordPress insufficiently checks the format of cached username data.
An attacker could exploit this vulnerability to execute arbitrary commands by sending a specially crafted username. As of WordPress 2.0.2 the user data cache is disabled by default.
There are no known workarounds at this time.
All WordPress users should upgrade to the latest available version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-apps/wordpress-2.0.3"