| VID |
21372 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The WordPress program, according to its version number, has an HTTP response splitting Vulnerability.
WordPress is a freely available PHP-based publication program that uses a MySQL backend database. WordPress version 1.2 and prior are vulnerable to an HTTP response splitting attack, caused by proper validating of user-supplied input in the 'wp-login.php' script. By sending a specially crafted POST request, a remote attacker could cause the target server to return a split response. It would allow the attacker to perform further attacks, such as Web cache poisoning, cross-site scripting, and possibly obtain sensitive information.
* Note: This check solely relied on the version number of the remote WordPress program to program this vulnerability, so this might be a false positive.
* References:
http://securitytracker.com/alerts/2004/Oct/1011592.html
* Platforms Affected:
Matthew Mullenweg, WordPress 1.2 and prior
Microsoft Windows Any version
Unix Any version
Linux Any version |
| Recommendation |
Upgrade to the latest version of WordPress (1.2.1 or later), available from the WordPress Download Web page at http://wordpress.org/download/ |
| Related URL |
CVE-2004-1584 (CVE) |
| Related URL |
11348 (SecurityFocus) |
| Related URL |
17649 (ISS) |
|
