Bug 181277 - www-apps/wordpress SQL injection
Summary: www-apps/wordpress SQL injection
Status: RESOLVED INVALID
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High normal
Assignee: Gentoo Security
URL: http://secunia.com/advisories/25552/
Whiteboard:
Keywords:
Duplicates: 181513
Depends on:
Blocks:
 
Reported: 2007-06-08 06:40 UTC by Sune Kloppenborg Jeppesen (RETIRED)
Modified: 2007-06-10 07:47 UTC
CC: 2 users

See Also:
Package list:
Runtime testing required: ---


Attachments

Description Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-06-08 06:40:59 UTC
Slappter has discovered a vulnerability in WordPress, which can be exploited by malicious users to conduct SQL injection attacks.

Input passed to the "wp.suggestCategories" method in xmlrpc.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Successful exploitation allows e.g. retrieving usernames and password hashes, but requires valid user credentials and knowledge of the database table prefix.

The vulnerability is confirmed in version 2.2. Other versions may also be affected.
Comment 1 Jakub Moc (RETIRED) gentoo-dev 2007-06-08 13:56:27 UTC
This has already been package.masked due to security bugs (i.e., security unsupported).
Comment 2 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-06-08 14:30:10 UTC
Oh, sorry for the noise. I only thought it was unstable.
Comment 3 Tobias Scherbaum (RETIRED) gentoo-dev 2007-06-10 07:47:15 UTC
*** Bug 181513 has been marked as a duplicate of this bug. ***