Neil McGovern
2007-Feb-12 22:40 UTC
[SECURITY] [DTSA-33-1] New wordpress packages fix multiple vulnerabilities
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Testing Security Advisory DTSA-33-1                February 12th, 2007
secure-testing-team@lists.alioth.debian.org                     Neil McGovern
http://secure-testing-master.debian.net/
- --------------------------------------------------------------------------

Package        : wordpress
Vulnerability  : multiple vulnerabilities
Problem-Scope  : remote
Debian-specific: No
CVE ID         : CVE-2007-0262 CVE-2007-0539 CVE-2007-0541

Various issues have been discovered in wordpress:

CVE-2007-0262

    wordpress does not properly verify that the m parameter value has the
    string data type, which allows remote attackers to obtain sensitive
    information via an invalid m[] parameter, as demonstrated by obtaining
    the path, and obtaining certain SQL information such as the table
    prefix.

CVE-2007-0539

    WordPress before 2.1 allows remote attackers to cause a denial of
    service (bandwidth or thread consumption) via pingback service calls
    with a source URI that corresponds to a large file, which triggers a
    long download session without a timeout constraint.

CVE-2007-0541

    WordPress allows remote attackers to determine the existence of
    arbitrary files, and possibly read portions of certain files, via
    pingback service calls with a source URI that corresponds to a local
    pathname, which triggers different fault codes for existing and
    non-existing files, and in certain configurations causes a brief file
    excerpt to be published as a blog comment.

Please note that wordpress is not present in sarge.

For the testing distribution (etch) this is fixed in version 2.0.8-1

For the unstable distribution (sid) this is fixed in version 2.1.0-1

This upgrade is recommended if you use wordpress.

The Debian testing security team does not track security issues for the
stable (sarge) and oldstable (woody) distributions. If stable is
vulnerable, the Debian security team will make an announcement once a fix
is ready.
Upgrade Instructions
- --------------------

To use the Debian testing security archive, add the following lines to
your /etc/apt/sources.list:

deb http://security.debian.org/ testing/updates main contrib non-free
deb-src http://security.debian.org/ testing/updates main contrib non-free

To install the update, run this command as root:

apt-get update && apt-get install wordpress

For further information about the Debian testing security team, please
refer to http://secure-testing-master.debian.net/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFF0Nl497LBwbNFvdMRAu1wAJ4n9ZOJPm2owDhrgxNp9T5Y7Yl0pwCghW2c
bsyjKiR6HEojDn8/TPj6Gv4=
=Xadk
-----END PGP SIGNATURE-----
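Added example, not part of the advisory and not WordPress's own code or its fix: the two bug classes the advisory describes, the untyped request parameter of CVE-2007-0262 and the blindly fetched pingback source URI of CVE-2007-0539 and CVE-2007-0541, each shown as the weak pattern beside a hardened one in PHP. The function names, the `{prefix}posts` table, the assumed shape of the `m` parameter (4 to 14 digits), and the 5 second / 64 KiB limits are assumptions made for the demonstration.

```php
<?php
// Added example for DTSA-33-1; illustrative code, not WordPress's own code.
// Function names, the "{prefix}posts" table, the assumed "m" format
// (YYYY[MM[DD[HH[MM[SS]]]]], i.e. 4 to 14 digits) and the limits are
// assumptions for the demonstration. Requires PHP 8.

// ---- CVE-2007-0262: a request parameter assumed to be a string -----------

// Weak: "?m[]=x" makes $_GET['m'] an array. On PHP 5, substr() on an array
// emits a warning which, with display_errors on, prints the script path; the
// empty result still reaches the query, whose database error can echo the
// table prefix. PHP 8 throws a TypeError instead, leaking the same path.
function build_archive_query_weak(array $request, string $prefix): string
{
    $m = $request['m'];
    $year = substr($m, 0, 4);
    return "SELECT ID FROM {$prefix}posts WHERE YEAR(post_date) = '{$year}'";
}

// Hardened: refuse anything that is not a string of the expected shape and
// cast before interpolating, so no error text is ever produced.
function build_archive_query_safe(array $request, string $prefix): ?string
{
    $m = $request['m'] ?? null;
    if (!is_string($m) || !preg_match('/\A\d{4,14}\z/', $m)) {
        return null;   // caller treats the request as "no archive selected"
    }
    $year = (int) substr($m, 0, 4);
    return sprintf('SELECT ID FROM %sposts WHERE YEAR(post_date) = %d', $prefix, $year);
}

// ---- CVE-2007-0539 / CVE-2007-0541: pingback source URI fetched blindly ---

// Weak: the remote caller chooses the URI, so "file:///etc/passwd" is opened
// (an existing file fails differently from a missing one, and part of it may
// end up quoted in the comment) and a huge http URL occupies a worker with
// no timeout or size cap.
function fetch_pingback_source_weak(string $sourceUri): string|false
{
    return file_get_contents($sourceUri);
}

// Hardened: http(s) only, no private/loopback targets, bounded time and size,
// and one uniform failure result so nothing can be inferred from it.
function fetch_pingback_source_safe(string $sourceUri, int $maxBytes = 65536, int $timeout = 5): ?string
{
    $parts = parse_url($sourceUri);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return null;
    }
    if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return null;   // rejects file://, php://, ftp://, data: ...
    }
    // gethostbyname() returns the name unchanged when it cannot resolve, so
    // the IP validity check below also covers unresolvable hosts.
    $ip = gethostbyname($parts['host']);
    if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) === false) {
        return null;   // 10/8, 172.16/12, 192.168/16, 127/8, 169.254/16, ::1 ...
    }
    $ctx = stream_context_create(['http' => [
        'method'          => 'GET',
        'timeout'         => $timeout,   // connect/read timeout in seconds
        'follow_location' => 0,          // a redirect could point back inside
    ]]);
    $fh = @fopen($sourceUri, 'r', false, $ctx);
    if ($fh === false) {
        return null;   // same answer as every other failure
    }
    stream_set_timeout($fh, $timeout);
    $body = '';
    while (!feof($fh) && strlen($body) < $maxBytes) {
        $chunk = fread($fh, min(8192, $maxBytes - strlen($body)));
        if (stream_get_meta_data($fh)['timed_out']) {
            fclose($fh);
            return null;   // slow server: give the worker back, keep nothing
        }
        if ($chunk === false || $chunk === '') {
            break;
        }
        $body .= $chunk;
    }
    fclose($fh);
    return $body;   // at most $maxBytes, whatever the remote file size
}

// Usage with constructed inputs (the rejections need no network access):
var_dump(build_archive_query_safe(['m' => ['x']], 'wp_'));        // NULL
var_dump(build_archive_query_safe(['m' => '200702'], 'wp_'));     // SQL string
var_dump(fetch_pingback_source_safe('file:///etc/passwd'));       // NULL
var_dump(fetch_pingback_source_safe('http://127.0.0.1/secret'));  // NULL
```

Two caveats a practitioner would want: the address check resolves the host once and fopen() resolves it again, so a DNS name that changes between the two lookups (rebinding) can still reach an internal address unless the connection is pinned to the checked IP; and the existence oracle of CVE-2007-0541 is closed only if every failure path returns the same XML-RPC fault to the caller, which is why the hardened fetcher collapses all of them to null.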