Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 280346 - <www-apps/wordpress-2.8.3: wp-admin/admin.php multiple vulnerabilities, incomplete fix of (CVE-2009-{2334,2853,2854})
Summary: <www-apps/wordpress-2.8.3: wp-admin/admin.php multiple vulnerabilities, incom...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High trivial (vote)
Assignee: Gentoo Security
URL: http://wordpress.org/development/2009...
Whiteboard: ~1 [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2009-08-04 17:19 UTC by Alex Legler (RETIRED)
Modified: 2009-08-19 09:40 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Alex Legler (RETIRED) archtester gentoo-dev Security 2009-08-04 17:19:30 UTC
+++ This bug was initially created as a clone of Bug #277377 +++

"Unfortunately, I missed some places when fixing the privilege escalation issues for 2.8.1."

Given the upstream statement and the changesets (see below), it looks
like an incomplete fix for CVE-2009-2334.

Changes:
http://core.trac.wordpress.org/changeset/11769
http://core.trac.wordpress.org/changeset/11769
http://core.trac.wordpress.org/changeset/11766
http://core.trac.wordpress.org/changeset/11765
Comment 1 Tobias Scherbaum (RETIRED) gentoo-dev 2009-08-04 17:41:33 UTC
+*wordpress-2.8.3 (04 Aug 2009)
+
+  04 Aug 2009; Tobias Scherbaum <dertobi123@gentoo.org>
+  -wordpress-2.8.2.ebuild, +wordpress-2.8.3.ebuild:
+  Bump for yet another security fix, #280346
+
Comment 2 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-08-04 17:52:40 UTC
Thanks, closing.
Comment 3 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-08-19 09:40:50 UTC
CVE-2009-2853 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2853):
  Wordpress before 2.8.3 allows remote attackers to gain privileges via
  a direct request to (1) admin-footer.php, (2) edit-category-form.php,
  (3) edit-form-advanced.php, (4) edit-form-comment.php, (5)
  edit-link-category-form.php, (6) edit-link-form.php, (7)
  edit-page-form.php, and (8) edit-tag-form.php in wp-admin/.

CVE-2009-2854 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2854):
  Wordpress before 2.8.3 does not check capabilities for certain
  actions, which allows remote attackers to make unauthorized edits or
  additions via a direct request to (1) edit-comments.php, (2)
  edit-pages.php, (3) edit.php, (4) edit-category-form.php, (5)
  edit-link-category-form.php, (6) edit-tag-form.php, (7) export.php,
  (8) import.php, or (9) link-add.php in wp-admin/.