Bug 181277

Summary:	www-apps/wordpress SQL injection
Product:	Gentoo Security	Reporter:	Sune Kloppenborg Jeppesen (RETIRED) <jaervosz>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	RESOLVED INVALID
Severity:	normal	CC:	trenton.d.adams, web-apps
Priority:	High
Version:	unspecified
Hardware:	All
OS:	Linux
URL:	http://secunia.com/advisories/25552/
Whiteboard:
Package list:		Runtime testing required:	---

Description Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2007-06-08 06:40:59 UTC

Slappter has discovered a vulnerability in WordPress, which can be exploited by malicious users to conduct SQL injection attacks.
 
 Input passed to the "wp.suggestCategories" method in xmlrpc.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
 
 Successful exploitation allows e.g. retrieving usernames and password hashes, but requires valid user credentials and knowledge of the database table prefix.
 
 The vulnerability is confirmed in version 2.2. Other versions may also be affected.

Comment 1 Jakub Moc (RETIRED) gentoo-dev

2007-06-08 13:56:27 UTC

This has been already package.masked due to security bugs (i.e., security unsupported).

Comment 2 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2007-06-08 14:30:10 UTC

Oh, sorry for the noise. I only thought it was unstable.

Comment 3 Tobias Scherbaum (RETIRED) gentoo-dev

2007-06-10 07:47:15 UTC

*** Bug 181513 has been marked as a duplicate of this bug. ***