[wp-hackers] WordPress: Arbitrary command execution?
Peter Westwood
peter.westwood at ftwr.co.uk
Mon Jun 12 09:29:05 GMT 2006
On Mon, June 12, 2006 10:13 am, Ryan Duff wrote:
> Computer Guru wrote:
>> Have you finished reading the entry?
>>
>> -------------------------------------------------------------------
>> Package              /  Vulnerable  /  Unaffected
>> -------------------------------------------------------------------
>> 1 www-apps/wordpress    < 2.0.3        >= 2.0.3
>>
>> As you can see, it has been fixed - later on in that page:
>>
>> Resolution
>> All WordPress users should upgrade to the latest available version.
>
> Did you finish reading the entry? Not fixed... disabled by default. The
> problem could potentially exist if the user data cache is enabled again.
>
> "Impact
>
> An attacker could exploit this vulnerability to execute arbitrary
> commands by sending a specially crafted username. As of Wordpress 2.0.2
> the user data cache is disabled as the default."
>
>
No. It is fixed in 2.0.3. The cache was disabled by default in 2.0.2.
The following change removed any chance for this exploit or any similar
one working against the cache: http://trac.wordpress.org/changeset/3797
westi
--
Peter Westwood <peter.westwood at ftwr.co.uk>
http://blog.ftwr.co.uk