[wp-hackers] 1.5.2 SQL Injection

steve caturan scaturan at negimaki.com
Mon Mar 6 15:59:06 GMT 2006


interesting enough:

  ------- Comment #6 From Patrik Karlsson  2006-02-12 23:14 PST  [reply] 
-------

I contacted wordpress through their security at wordpress.org e-mail 
address the 6th of February but haven't heard anything. I sent a new 
mail today. I guess they don't care about vulnerabilities in their older 
versions. I don't know how many other distributions still ship with 1.5.2.

from http://bugs.gentoo.org/show_bug.cgi?id=121661

Podz wrote:
> http://www.gentoo.org/security/en/glsa/glsa-200603-01.xml
> 
> Description
> 
> Patrik Karlsson reported that WordPress 1.5.2 makes use of an
> insufficiently filtered User Agent string in SQL queries related to
> comments posting. This vulnerability was already fixed in the 2.0-series
> of WordPress.
> 
> Impact
> 
> An attacker could send a comment with a malicious User Agent parameter,
> resulting in SQL injection and potentially in the subversion of the
> WordPress database. This vulnerability wouldn't affect WordPress sites
> which do not allow comments or which require that comments go through a
> moderator.
> 
> Reported in the forums:
> http://wordpress.org/support/topic/63734?replies=3#post-339189
> 
> There are a lot of people still using 1.5.2
> Can this be patched so an upgrade does not have to be the response ?
> 
> An announcement is also called for surely ?
> 
> P.
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
> 
> 
> 




More information about the wp-hackers mailing list