Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200701-10 (wordpress)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.57970

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200701-10 (wordpress)

Resumen: The remote host is missing updates announced in;advisory GLSA 200701-10.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200701-10.

Vulnerability Insight:
WordPress is vulnerable to SQL injection, information disclosure, and
cross-site scripting attacks.

Solution:
All WordPress users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=www-apps/wordpress-2.0.6'

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2006-6808
BugTraq ID: 21782
http://www.securityfocus.com/bid/21782
http://marc.info/?l=full-disclosure&m=116722128631087&w=2
http://security.gentoo.org/glsa/glsa-200701-10.xml
http://michaeldaw.org/
http://secunia.com/advisories/23587
http://secunia.com/advisories/23741
http://www.vupen.com/english/advisories/2006/5191
XForce ISS Database: wordpress-getfiledescription-xss(31133)
https://exchange.xforce.ibmcloud.com/vulnerabilities/31133
Common Vulnerability Exposure (CVE) ID: CVE-2007-0107
BugTraq ID: 21907
http://www.securityfocus.com/bid/21907
Bugtraq: 20070105 Advisory 02/2007: WordPress Trackback Charset Decoding SQL Injection Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/456049/100/0/threaded
http://www.hardened-php.net/advisory_022007.141.html
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.005.html
http://osvdb.org/31579
http://secunia.com/advisories/23595
http://securityreason.com/securityalert/2112
http://www.vupen.com/english/advisories/2007/0061
XForce ISS Database: wordpress-mbstring-security-bypass(31297)
https://exchange.xforce.ibmcloud.com/vulnerabilities/31297
Common Vulnerability Exposure (CVE) ID: CVE-2007-0109
Bugtraq: 20070103 Wordpress <= 2.x dictionnary & Bruteforce attack (Google Search)
http://www.securityfocus.com/archive/1/455927/100/0/threaded
http://osvdb.org/31577
http://secunia.com/advisories/23621
http://securityreason.com/securityalert/2113
http://www.vupen.com/english/advisories/2007/0062
XForce ISS Database: wordpress-account-enumeration(31262)
https://exchange.xforce.ibmcloud.com/vulnerabilities/31262

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.57970
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200701-10 (wordpress)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200701-10.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200701-10. Vulnerability Insight: WordPress is vulnerable to SQL injection, information disclosure, and cross-site scripting attacks. Solution: All WordPress users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-apps/wordpress-2.0.6' CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-6808 BugTraq ID: 21782 http://www.securityfocus.com/bid/21782 http://marc.info/?l=full-disclosure&m=116722128631087&w=2 http://security.gentoo.org/glsa/glsa-200701-10.xml http://michaeldaw.org/ http://secunia.com/advisories/23587 http://secunia.com/advisories/23741 http://www.vupen.com/english/advisories/2006/5191 XForce ISS Database: wordpress-getfiledescription-xss(31133) https://exchange.xforce.ibmcloud.com/vulnerabilities/31133 Common Vulnerability Exposure (CVE) ID: CVE-2007-0107 BugTraq ID: 21907 http://www.securityfocus.com/bid/21907 Bugtraq: 20070105 Advisory 02/2007: WordPress Trackback Charset Decoding SQL Injection Vulnerability (Google Search) http://www.securityfocus.com/archive/1/456049/100/0/threaded http://www.hardened-php.net/advisory_022007.141.html http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.005.html http://osvdb.org/31579 http://secunia.com/advisories/23595 http://securityreason.com/securityalert/2112 http://www.vupen.com/english/advisories/2007/0061 XForce ISS Database: wordpress-mbstring-security-bypass(31297) https://exchange.xforce.ibmcloud.com/vulnerabilities/31297 Common Vulnerability Exposure (CVE) ID: CVE-2007-0109 Bugtraq: 20070103 Wordpress <= 2.x dictionnary & Bruteforce attack (Google Search) http://www.securityfocus.com/archive/1/455927/100/0/threaded http://osvdb.org/31577 http://secunia.com/advisories/23621 http://securityreason.com/securityalert/2113 http://www.vupen.com/english/advisories/2007/0062 XForce ISS Database: wordpress-account-enumeration(31262) https://exchange.xforce.ibmcloud.com/vulnerabilities/31262
Copyright	Copyright (C) 2008 E-Soft Inc.