237406 – (CVE-2008-4106) www-apps/wordpress < 2.6.2: MySQL table truncation (CVE-2008-4106)

Bug 237406 (CVE-2008-4106) - www-apps/wordpress < 2.6.2: MySQL table truncation (CVE-2008-4106)

Summary: www-apps/wordpress < 2.6.2: MySQL table truncation (CVE-2008-4106)

Status:	RESOLVED FIXED

Alias:	CVE-2008-4106

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	High enhancement (vote)
Assignee:	Gentoo Security

URL:	http://wordpress.org/development/2008...
Whiteboard:	~3 [noglsa]
Keywords:

Depends on:
Blocks:

Reported:	2008-09-11 17:27 UTC by Hanno Böck
Modified:	2008-09-21 14:15 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Hanno Böck gentoo-dev

2008-09-11 17:27:00 UTC

I know wordpress is not security supportet atm, but anyway I think we should bump it. 2.6.1 also had some security fixes afair and is not yet in the tree.

Comment 1 Robert Buchholz (RETIRED) gentoo-dev

2008-09-19 15:28:20 UTC

CVE-2008-4106 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4106):
  WordPress before 2.6.2 does not properly handle MySQL warnings about
  insertion of username strings that exceed the maximum column width of
  the user_login column, and does not properly handle space characters
  when comparing usernames, which allows remote attackers to change an
  arbitrary user's password to a random value by registering a similar
  username and then requesting a password reset, related to a "SQL
  column truncation vulnerability." NOTE: the attacker can discover the
  random password by also exploiting CVE-2008-4107.

Comment 2 Gunnar Wrobel (RETIRED) gentoo-dev

2008-09-21 13:28:09 UTC

Removed wordpress-2.5.1, -2.6, added 2.6.2. Security masked anyway. Webapps done.