WP 2.02 vulnerability

  • FrSIRT has posted the following information about a new vulnerability in WordPress 2.02 and previous versions:

    Advisory ID : FrSIRT/ADV-2006-1992
    CVE ID : GENERIC-MAP-NOMATCH
    Rated as : High Risk
    Remotely Exploitable : Yes
    Locally Exploitable : Yes
    Release Date : 2006-05-26

    Technical Description

    A vulnerability has been identified in WordPress, which may be exploited by attackers to compromise a vulnerable web server. This flaw is due to input validation errors in the “wp-admin/profile.php” script that does not validate certain parameters before being written to PHP scripts in the “wp-content/cache/userlogins/” and “wp-content/cache/users/” directories, which could be exploited by malicious users to inject and execute arbitrary PHP code with the privileges of the web server.

    Note : An input validation error in the “vars.php” script when handling the “PC_REMOTE_ADDR” HTTP header could be exploited by attackers to spoof their IP addresses.

    Affected Products

    WordPress version 2.0.2 and prior

    Solution

    The FrSIRT is not aware of any official supplied patch for this issue.

    References

    https://www.frsirt.com/english/advisories/2006/1992
    https://retrogod.altervista.org/wordpress_202_xpl.html

    Credits

    Vulnerabilities reported by rgod

Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
  • The topic ‘WP 2.02 vulnerability’ is closed to new replies.