Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 219912 (CVE-2008-1930)

Summary: Wordpress 2.5 Cookie Integrity Protection Vulnerability (CVE-2008-1930,CVE-2008-2068)
Product: Gentoo Security Reporter: Bernd Marienfeldt <bernd>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED DUPLICATE    
Severity: normal    
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://archives.neohapsis.com/archives/fulldisclosure/2008-04/0696.html
Whiteboard:
Package list:
Runtime testing required: ---

Description Bernd Marienfeldt 2008-05-01 09:35:58 UTC 
An attacker, who is able to register a specially crafted username on
 a Wordpress 2.5 installation, is able to generate authentication
 cookies for other chosen accounts.

 This vulnerability exists because it is possible to modify
 authentication cookies without invalidating the cryptographic
 integrity protection.

 If a Wordpress blog is configured to freely permit account creation,
 a remote attacker can gain Wordpress-administrator access and then
 elevate this to arbitrary code execution as the web server user.

 The vulnerability is fixed in Wordpress 2.5.1
Comment 1 Robert Buchholz (RETIRED) gentoo-dev 2008-05-02 09:52:30 UTC 
Thanks for the report.

2.5.1 is already in the tree, but still in p.mask.

*** This bug has been marked as a duplicate of bug 168529 ***
Comment 2 Robert Buchholz (RETIRED) gentoo-dev 2008-05-06 15:47:27 UTC 
This also fixed CVE-2008-2068 (XSS).