Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245211
Summary: Wordpress 2.2: SQL injection, XSS vulnerabilities Product: Fedora Version: f7 Platform: All OS/Version: Linux Status: NEW Severity: low Priority: low Component: wordpress AssignedTo: jwb@redhat.com ReportedBy: ville.skytta@iki.fi QAContact: extras-qa@fedoraproject.org CC: fedora-security-list@redhat.com
XML-RPC SQL injection: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3140
Cross site scripting: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3238 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3239 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3240 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3241
Note: these have been reported against Wordpress 2.2, I haven't investigated whether 2.1.3 currently in Fedora is affected.
Also, 2.2.1 seems to have been released today, fixing at least some of these issues.
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Wordpress 2.2(.1): SQL injection, XSS, unrestricted file upload vulnerabilities
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245211
ville.skytta@iki.fi changed:
What |Removed |Added ---------------------------------------------------------------------------- Summary|Wordpress 2.2: SQL |Wordpress 2.2(.1): SQL |injection, XSS |injection, XSS, unrestricted |vulnerabilities |file upload vulnerabilities
------- Additional Comments From ville.skytta@iki.fi 2007-07-04 13:20 EST ------- Additional unrestricted file upload issues: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3543 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3544
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Wordpress 2.2(.1): SQL injection, XSS, unrestricted file upload vulnerabilities
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245211
------- Additional Comments From updates@fedoraproject.org 2007-07-05 15:22 EST ------- wordpress-2.2.1-1.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Wordpress 2.2(.1): SQL injection, XSS, unrestricted file upload vulnerabilities
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245211
updates@fedoraproject.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution| |ERRATA Fixed In Version| |2.2.1-1.fc7
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Wordpress 2.2(.1): SQL injection, XSS, unrestricted file upload vulnerabilities Alias: CVE-2007-3544
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245211
ville.skytta@iki.fi changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|CLOSED |ASSIGNED Keywords| |Reopened Resolution|ERRATA | Alias| |CVE-2007-3544
------- Additional Comments From ville.skytta@iki.fi 2007-07-05 15:30 EST ------- CVE-2007-3544 is reported against 2.2.1, reopening for verification whether this update is still vulnerable.
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Wordpress 2.2(.1): SQL injection, XSS, unrestricted file upload vulnerabilities Alias: CVE-2007-3544
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245211
------- Additional Comments From lkundrak@redhat.com 2007-08-01 10:24 EST ------- John: What about CVE-2007-3544? Will this ever get updated?
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Wordpress 2.2(.1): SQL injection, XSS, unrestricted file upload vulnerabilities Alias: CVE-2007-3544
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245211
------- Additional Comments From john@ncphotography.com 2007-08-06 09:45 EST ------- There has been no patch from upstream for this issue, and no response from them in response to my latest query on this issue. When upstream generates a patch, or replies that the current release is not vulnerable, I will update this bug.
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Wordpress 2.2(.1): SQL injection, XSS, unrestricted file upload vulnerabilities Alias: CVE-2007-3544
https://bugzilla.redhat.com/show_bug.cgi?id=245211
------- Additional Comments From lkundrak@redhat.com 2007-11-01 16:32 EST ------- John: That practically means that Wordpress upstream is dead, right? I don't feel comfortable about having an unfixed vulnerability in distribution, do you? Please do your best to solve the situation.
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Wordpress 2.2(.1): SQL injection, XSS, unrestricted file upload vulnerabilities Alias: CVE-2007-3544
https://bugzilla.redhat.com/show_bug.cgi?id=245211
------- Additional Comments From john@ncphotography.com 2007-11-01 16:49 EST ------- Wordpress upstream is far from dead, they simply did not respond to my inquiry regarding this specific vulnerability. They have made additional releases, and we currently have version 2.2.3 available in FC7, 2.3.1 in devel. I'm as comfortable having wordpress in the distro as I am with having various bugs I've reported in RHEL still be open after multiple years, or closed with a WONTFIX from PM.
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Wordpress 2.2(.1): SQL injection, XSS, unrestricted file upload vulnerabilities Alias: CVE-2007-3544
https://bugzilla.redhat.com/show_bug.cgi?id=245211
------- Additional Comments From lkundrak@redhat.com 2007-11-02 13:02 EST ------- RHEL is a different operating system with a different development model and different expectations from users. Not a good analogy.
I understand that you can not do anything about fixing this anyways without more specific information other than the advisory. I mailed the guy who discovered the flaw and asked for more information. In case we won't learn more, we may consider the issue non{public,existent}.
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Wordpress 2.2(.1): SQL injection, XSS, unrestricted file upload vulnerabilities Alias: CVE-2007-3544
https://bugzilla.redhat.com/show_bug.cgi?id=245211
bugzilla@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Version|f7 |7
thoger@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |CLOSED Resolution| |INSUFFICIENT_DATA
------- Additional Comments From thoger@redhat.com 2008-05-07 11:09 EST ------- I'm closing this INSUFFICIENT_DATA, as CVE-2007-3544 description only links to the same advisory as CVE-2007-3543 and does not have any details in what ways fix for CVE-2007-3543 is incomplete.
security@lists.fedoraproject.org
-
Red Hat Bugzilla