VID | 210032
Severity | 30
Port | 80, ...
Protocol | TCP
Class | CGI
Detailed Description |
WordPress is vulnerable to SQL injection when PHP's mbstring extension is enabled. WordPress is a freely available PHP-based publishing program that uses a MySQL backend database. WordPress versions prior to 2.0.6 could allow a remote attacker to execute arbitrary SQL commands because trackbacks submitted in an alternate character set are handled improperly. If PHP's mbstring extension is enabled, a remote attacker who specifies an alternate character set and encodes the trackback input in that character set could bypass the SQL injection protection and execute arbitrary SQL commands.
* References:
  - http://wordpress.org/development/2007/01/wordpress-206/
  - http://www.hardened-php.net/advisory_022007.141.html
  - http://www.securityfocus.com/archive/1/archive/1/456049/100/0/threaded
  - http://www.frsirt.com/english/advisories/2007/0061
  - http://secunia.com/advisories/23595
  - http://secunia.com/advisories/23741
* Platforms Affected: Matthew Mullenweg, WordPress versions prior to 2.0.6; any operating system, any version
Recommendation |
For OpenPKG: Apply the appropriate OpenPKG package for WordPress, as listed in OpenPKG Security Advisory OpenPKG-SA-2007.005 at http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.005.html
For other distributions: Upgrade to the latest version of WordPress (2.0.6 or later), available from the WordPress website at http://wordpress.org/download/
Related URL | CVE-2007-0107 (CVE)
Related URL | 21896, 21907 (SecurityFocus)
Related URL | 31297 (ISS)