Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 161278 - www-apps/wordpress (versions <= 2.0.6) wp-trackback.php Remote SQL Injection
Summary: www-apps/wordpress (versions <= 2.0.6) wp-trackback.php Remote SQL Injection
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High minor (vote)
Assignee: Gentoo Security
URL: http://www.milw0rm.com/exploits/3109
Whiteboard: C3 [noglsa]
Keywords:
: 162302 (view as bug list)
Depends on:
Blocks:
 
Reported: 2007-01-10 05:55 UTC by Executioner
Modified: 2007-01-22 16:56 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
www-apps/wordpress (versions <= 2.0.6) wp-trackback.php Remote SQL Injection exploit (wordpress_exploit.php,7.40 KB, text/plain)
2007-01-10 07:36 UTC, Emanuele Gentili 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Executioner 2007-01-10 05:55:01 UTC 
http://www.milw0rm.com/exploits/3109

Reproducible: Didn't try
Comment 1 Emanuele Gentili 2007-01-10 07:19:49 UTC 
millw0rm is down,

see this advisory POC:

http://www.securityfocus.com/archive/1/455927
Comment 2 Emanuele Gentili 2007-01-10 07:36:48 UTC 
Created attachment 106318 [details]
www-apps/wordpress (versions <= 2.0.6) wp-trackback.php Remote SQL Injection exploit

the first past is wrong, I'm sorry.

this attach contain milw0rm exploit about wp-trackback.php Remote SQL Injection.
Comment 3 Matthias Geerdsen (RETIRED) gentoo-dev 2007-01-16 14:23:39 UTC 
fixed in 2.0.7 it seems:

http://wordpress.org/development/2007/01/wordpress-207/

web-apps, pls update
Comment 4 Matthias Geerdsen (RETIRED) gentoo-dev 2007-01-16 14:29:06 UTC 
*** Bug 162302 has been marked as a duplicate of this bug. ***
Comment 5 Steve Dibb (RETIRED) gentoo-dev 2007-01-17 03:53:22 UTC 
2.0.7 in CVS
Comment 6 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2007-01-17 22:31:11 UTC 
Security team please vote.

the exploit comments say:
"(needs register_globals=on, 4 <= PHP < 4.4.3,< 5.1.4)"

---> trash

i vote No.
Comment 7 Matthias Geerdsen (RETIRED) gentoo-dev 2007-01-22 16:56:24 UTC 
agreed, closing


from wordpress.org:

Here are the changes that have been made since 2.0.6:

    * Security fix for wp_unregister_GLOBALS() to work around the zend_hash_del_key_or_index bug in PHP 4 versions less than 4.4.3 and PHP 5 versions less than 5.1.4 with register_globals set to “On.”

[...]