Debian Local Security Checks : Debian Security Advisory DSA 2670-1 (wordpress)

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.71349
Kategorie:	Debian Local Security Checks
Titel:	Debian Security Advisory DSA 2670-1 (wordpress)
Zusammenfassung:	The remote host is missing an update to wordpress;announced via advisory DSA 2670-1.
Beschreibung:	Summary: The remote host is missing an update to wordpress announced via advisory DSA 2670-1. Vulnerability Insight: Several vulnerabilities were identified in Wordpress, a web blogging tool. As the CVEs were allocated from releases announcements and specific fixes are usually not identified, it has been decided to upgrade the Wordpress package to the latest upstream version instead of backporting the patches. This means extra care should be taken when upgrading, especially when using third-party plugins or themes, since compatibility may have been impacted along the way. We recommend that users check their install before doing the upgrade. For the stable distribution (squeeze), those problems have been fixed in version 3.3.2+dfsg-1~ squeeze1. For the testing distribution (wheezy) and the unstable distribution (sid), those problems have been fixed in version 3.3.2+dfsg-1. Solution: We recommend that you upgrade your wordpress packages. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2011-3122 BugTraq ID: 47995 http://www.securityfocus.com/bid/47995 Debian Security Information: DSA-2470 (Google Search) http://www.debian.org/security/2012/dsa-2470 http://secunia.com/advisories/49138 XForce ISS Database: wordpress-media-unspecified(69175) https://exchange.xforce.ibmcloud.com/vulnerabilities/69175 Common Vulnerability Exposure (CVE) ID: CVE-2011-3125 XForce ISS Database: wordpress-hardening-unspecified(69174) https://exchange.xforce.ibmcloud.com/vulnerabilities/69174 Common Vulnerability Exposure (CVE) ID: CVE-2011-3126 XForce ISS Database: wordpress-nonauthos-info-disclosure(69173) https://exchange.xforce.ibmcloud.com/vulnerabilities/69173 Common Vulnerability Exposure (CVE) ID: CVE-2011-3127 XForce ISS Database: wordpress-admin-clickjacking(69172) https://exchange.xforce.ibmcloud.com/vulnerabilities/69172 Common Vulnerability Exposure (CVE) ID: CVE-2011-3128 XForce ISS Database: wordpress-attachments-info-disc(69171) https://exchange.xforce.ibmcloud.com/vulnerabilities/69171 Common Vulnerability Exposure (CVE) ID: CVE-2011-3129 Common Vulnerability Exposure (CVE) ID: CVE-2011-3130 XForce ISS Database: wordpress-taxonomy-unspecified(69169) https://exchange.xforce.ibmcloud.com/vulnerabilities/69169 Common Vulnerability Exposure (CVE) ID: CVE-2011-4956 http://www.openwall.com/lists/oss-security/2012/04/19/17 http://www.openwall.com/lists/oss-security/2012/04/19/6 http://www.osvdb.org/72141 http://secunia.com/advisories/44038 Common Vulnerability Exposure (CVE) ID: CVE-2011-4957 Common Vulnerability Exposure (CVE) ID: CVE-2012-2399 BugTraq ID: 53192 http://www.securityfocus.com/bid/53192 http://seclists.org/fulldisclosure/2013/Mar/110 http://jvn.jp/en/jp/JVN25280162/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2012-002110 http://packetstormsecurity.com/files/120746/SWFUpload-Content-Spoofing-Cross-Site-Scripting.html http://packetstormsecurity.com/files/122399/tinymce11-xss.txt http://www.openwall.com/lists/oss-security/2013/07/18/13 http://osvdb.org/81459 http://www.osvdb.org/91134 XForce ISS Database: wordpress-swfupload-unspecified(75210) https://exchange.xforce.ibmcloud.com/vulnerabilities/75210 Common Vulnerability Exposure (CVE) ID: CVE-2012-2400 http://osvdb.org/81460 XForce ISS Database: wordpress-swfobject-unspecified(75209) https://exchange.xforce.ibmcloud.com/vulnerabilities/75209 Common Vulnerability Exposure (CVE) ID: CVE-2012-2401 https://nealpoole.com/blog/2012/05/xss-and-csrf-via-swf-applets-swfupload-plupload/ http://osvdb.org/81461 XForce ISS Database: wordpress-plupload-sec-bypass(75208) https://exchange.xforce.ibmcloud.com/vulnerabilities/75208 Common Vulnerability Exposure (CVE) ID: CVE-2012-2402 http://osvdb.org/81462 http://secunia.com/advisories/48957 XForce ISS Database: wordpress-plugins-sec-bypass(75207) https://exchange.xforce.ibmcloud.com/vulnerabilities/75207 XForce ISS Database: wordpress-plugins-security-bypass(75090) https://exchange.xforce.ibmcloud.com/vulnerabilities/75090 Common Vulnerability Exposure (CVE) ID: CVE-2012-2403 http://osvdb.org/81463 XForce ISS Database: wordpress-formatting-xss(75206) https://exchange.xforce.ibmcloud.com/vulnerabilities/75206 XForce ISS Database: wordpress-url-xss(75093) https://exchange.xforce.ibmcloud.com/vulnerabilities/75093 Common Vulnerability Exposure (CVE) ID: CVE-2012-2404 http://osvdb.org/81464 XForce ISS Database: wordpress-wpcommentspostphp-xss(75202) https://exchange.xforce.ibmcloud.com/vulnerabilities/75202 XForce ISS Database: wordpress-wpredirect-xss(75092) https://exchange.xforce.ibmcloud.com/vulnerabilities/75092
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com