| VID |
210041 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The WordPress program is vulnerable to an information disclosure vulnerability via the pingback service. WordPress is a freely available PHP-based publication program that uses a MySQL backend database. WordPress versions prior to 2.1 could allow a remote attacker to obtain sensitive information, caused by improper handling of pingbacks. By sending a specially-crafted request for a non-HTTP resource, a remote attacker could determine the existence of arbitrary files, and possibly read portions of certain files on the affected host. In addition, the version is also reportedly vulnerable to a denial of service attack via pingback service calls.
* References:
http://www.securityfocus.com/archive/1/458003/30/0/threaded
http://comox.textdrive.com/pipermail/wp-svn/2007-January/002387.html
http://secunia.com/advisories/23912/
* Platforms Affected:
Matthew Mullenweg, WordPress versions prior to 2.1
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of WordPress (2.1 or later), available from the WordPress Download Web site at http://wordpress.org/download/ |
| Related URL |
CVE-2007-0539,CVE-2007-0540,CVE-2007-0541 (CVE) |
| Related URL |
22220 (SecurityFocus) |
| Related URL |
31784,31786 (ISS) |
|
