Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200703-23 (wordpress)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.58161

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200703-23 (wordpress)

Resumen: The remote host is missing updates announced in;advisory GLSA 200703-23.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200703-23.

Vulnerability Insight:
Wordpress contains several cross-site scripting, cross-site request forgery
and information leak vulnerabilities.

Solution:
Due to the numerous recently discovered vulnerabilities in WordPress, this
package has been masked in the portage tree. All WordPress users are
advised to unmerge it.

# emerge --unmerge 'www-apps/wordpress'

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2007-1049
BugTraq ID: 22534
http://www.securityfocus.com/bid/22534
http://www.gentoo.org/security/en/glsa/glsa-200703-23.xml
http://downloads.securityfocus.com/vulnerabilities/exploits/22534.html
http://osvdb.org/33766
http://secunia.com/advisories/24306
http://secunia.com/advisories/24566
http://www.vupen.com/english/advisories/2007/0741
Common Vulnerability Exposure (CVE) ID: CVE-2007-1230
http://osvdb.org/34361
http://www.vupen.com/english/advisories/2007/0756
Common Vulnerability Exposure (CVE) ID: CVE-2007-1244
BugTraq ID: 22735
http://www.securityfocus.com/bid/22735
Bugtraq: 20070226 WordPress AdminPanel CSRF/XSS - 0day (Google Search)
http://www.securityfocus.com/archive/1/461351/100/0/threaded
http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0583.html
http://osvdb.org/33787
http://osvdb.org/33788
XForce ISS Database: wordpress-post-csrf(32703)
https://exchange.xforce.ibmcloud.com/vulnerabilities/32703
Common Vulnerability Exposure (CVE) ID: CVE-2007-1409
Bugtraq: 20070308 Re: Word Press Sensitive Directory exposure (SQL) (Google Search)
http://www.securityfocus.com/archive/1/462249/100/0/threaded
Bugtraq: 20070308 Word Press Sensitive Directory exposure (SQL) (Google Search)
http://www.securityfocus.com/archive/1/462230/100/0/threaded
XForce ISS Database: wordpress-adminfunctions-sql-injection(32881)
https://exchange.xforce.ibmcloud.com/vulnerabilities/32881

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.58161
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200703-23 (wordpress)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200703-23.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200703-23. Vulnerability Insight: Wordpress contains several cross-site scripting, cross-site request forgery and information leak vulnerabilities. Solution: Due to the numerous recently discovered vulnerabilities in WordPress, this package has been masked in the portage tree. All WordPress users are advised to unmerge it. # emerge --unmerge 'www-apps/wordpress' CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-1049 BugTraq ID: 22534 http://www.securityfocus.com/bid/22534 http://www.gentoo.org/security/en/glsa/glsa-200703-23.xml http://downloads.securityfocus.com/vulnerabilities/exploits/22534.html http://osvdb.org/33766 http://secunia.com/advisories/24306 http://secunia.com/advisories/24566 http://www.vupen.com/english/advisories/2007/0741 Common Vulnerability Exposure (CVE) ID: CVE-2007-1230 http://osvdb.org/34361 http://www.vupen.com/english/advisories/2007/0756 Common Vulnerability Exposure (CVE) ID: CVE-2007-1244 BugTraq ID: 22735 http://www.securityfocus.com/bid/22735 Bugtraq: 20070226 WordPress AdminPanel CSRF/XSS - 0day (Google Search) http://www.securityfocus.com/archive/1/461351/100/0/threaded http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0583.html http://osvdb.org/33787 http://osvdb.org/33788 XForce ISS Database: wordpress-post-csrf(32703) https://exchange.xforce.ibmcloud.com/vulnerabilities/32703 Common Vulnerability Exposure (CVE) ID: CVE-2007-1409 Bugtraq: 20070308 Re: Word Press Sensitive Directory exposure (SQL) (Google Search) http://www.securityfocus.com/archive/1/462249/100/0/threaded Bugtraq: 20070308 Word Press Sensitive Directory exposure (SQL) (Google Search) http://www.securityfocus.com/archive/1/462230/100/0/threaded XForce ISS Database: wordpress-adminfunctions-sql-injection(32881) https://exchange.xforce.ibmcloud.com/vulnerabilities/32881
Copyright	Copyright (C) 2008 E-Soft Inc.