Bug 20763 - wordpress-mu multiple vulnerabilities: CVE-2009-2431, CVE-2009-2432, CVE-2009-2334, CVE-2009-2335, CVE-2009-2336
Summary: wordpress-mu multiple vulnerabilities: CVE-2009-2431, CVE-2009-2432, CVE-2009...
Status: CLOSED FIXED
Alias: None
Product: Sisyphus
Classification: Development
Component: wordpress-mu (show other bugs)
Version: unstable
Hardware: all Linux
: P3 blocker
Assignee: Denis Klimov
QA Contact: qa-sisyphus
URL:
Keywords: security
Depends on:
Blocks:
 
Reported: 2009-07-13 11:14 MSD by Vladimir Lettiev
Modified: 2009-11-21 09:24 MSK (History)
1 user (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Vladimir Lettiev 2009-07-13 11:14:59 MSD
CVE-2009-2431 - WordPress 2.7.1 places the username of a post's author in an HTML comment, which allows remote attackers to obtain sensitive information by reading the HTML source.

CVE-2009-2432 - WordPress and WordPress MU before 2.8.1 allow remote attackers to obtain sensitive information via a direct request to wp-settings.php, which reveals the installation path in an error message.

CVE-2009-2334 - wp-admin/admin.php in WordPress and WordPress MU before 2.8.1 does not require administrative authentication to access the configuration of a plugin, which allows remote attackers to specify a configuration file in the page parameter to obtain sensitive information or modify this file.

CVE-2009-2335 - WordPress and WordPress MU before 2.8.1 exhibit different behavior for a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames. NOTE: the vendor reportedly disputes the significance of this issue, indicating that the behavior exists for "user convenience."

CVE-2009-2336 - The forgotten mail interface in WordPress and WordPress MU before 2.8.1 exhibits different behavior for a password request depending on whether the user account exists, which allows remote attackers to enumerate valid usernames. NOTE: the vendor reportedly disputes the significance of this issue, indicating that the behavior exists for "user convenience."

Fixed in 2.8.1
Comment 1 Denis Klimov 2009-07-13 12:07:53 MSD
Сейчас нет времени и интереса поддерживать этот пакет. выдам acl любому желающему этим заниматься.
Comment 2 Vladimir Lettiev 2009-07-21 16:05:20 MSD
http://wordpress.org/development/2009/07/wordpress-2-8-2/

WordPress 2.8.2 fixes an XSS vulnerability. Comment author URLs were not fully sanitized when displayed in the admin. This could be exploited to redirect you away from the admin to another site
Comment 3 Denis Klimov 2009-11-21 09:23:36 MSK
обновлено до 2.8.6
Comment 4 Denis Klimov 2009-11-21 09:24:04 MSK
fixed