Debian 4.0 DSA-1871-2 Moderate: WordPress Remote Exploits Fix
debian
August 27, 2009
The previous wordpress update introduced a regression when fixing CVE-2008-4769 due to a function that was not backported with the patch
Topics Covered
Summary
The previous wordpress update introduced a regression when fixing
CVE-2008-4769 due to a function that was not backported with the patch.
Please note that this regression only affects the oldstable distribution
(etch). For reference the original advisory text follows.
Several vulnerabilities have been discovered in wordpress, weblog
manager. The Common Vulnerabilities and Exposures project identifies the
following problems:
CVE-2008-6762
It was discovered that wordpress is prone to an open redirect
vulnerability which allows remote attackers to conduct phishing atacks.
CVE-2008-6767
It was discovered that remote attackers had the ability to trigger an
application upgrade, which could lead to a denial of service attack.
CVE-2009-2334
It was discovered that wordpress lacks authentication checks in the
plugin configuration, which might ...
PREVIOUS
NEXT
Package: wordpress
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!