Test ID:	1.3.6.1.4.1.25623.1.0.63785
Category:	Fedora Local Security Checks
Title:	Fedora Core 10 FEDORA-2009-3474 (wordpress-mu)
Summary:	The remote host is missing an update to wordpress-mu;announced via advisory FEDORA-2009-3474.;Note: This VT has been deprecated and is therefore no longer functional.
Description:	Summary: The remote host is missing an update to wordpress-mu announced via advisory FEDORA-2009-3474. Note: This VT has been deprecated and is therefore no longer functional. Vulnerability Insight: WordPress-MU is a derivative of the WordPress blogging codebase, to allow one instance to serve multiple users. ChangeLog: * Tue Apr 7 2009 Bret McMillan - 2.6.5-2 - Patch for CVE-2009-1030 * Mon Dec 1 2008 Bret McMillan - 2.6.5-1 - Update to 2.6.5 - Fixes 1 XSS security issue, 3 bugs Solution: Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update wordpress-mu' at the command line. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1030 BugTraq ID: 34075 http://www.securityfocus.com/bid/34075 Bugtraq: 20090310 [ISecAuditors Security Advisories] WordPress MU HTTP Header XSS Vulnerability (Google Search) http://www.securityfocus.com/archive/1/501667/100/0/threaded https://www.exploit-db.com/exploits/8196 HPdes Security Advisory: HPSBUX02514 http://marc.info/?l=bugtraq&m=126996727024732&w=2 HPdes Security Advisory: SSRT100010 http://www.securitytracker.com/id?1021838 XForce ISS Database: wordpressmu-wpmufunctions-xss(49184) https://exchange.xforce.ibmcloud.com/vulnerabilities/49184
Copyright	Copyright (C) 2009 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.