[Secure-testing-team] Bug#500295: possible script injection via /etc/wordpress/wp-config.php
Raphael Geissert
atomo64 at gmail.com
Sat Sep 27 00:17:01 UTC 2008
Package: wordpress
Version: 2.5.1-7
Severity: important
Tags: security
The file as found in 2.5.1-7 takes the HTTP_HOST and uses it to find the
config-<host>.php file to include.
This routine is prone to attacks by a local user via an especially crafted Host
header.
Feel free to increase the severity.
Cheers,
--
Atomo64 - Raphael
Please avoid sending me Word, PowerPoint or Excel attachments.
See http://www.gnu.org/philosophy/no-word-attachments.html
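
The report above describes a Host header value being used to choose which config-<host>.php file is included. The following is an added example, not code from the wordpress package or from the reporter: one way such a loader can validate the header before it reaches an include path. The helper name `resolve_host_config`, the sample host values and the temporary directory are assumptions made for illustration.

```php
<?php
// Added illustration; not the Debian wordpress package's wp-config.php.
// resolve_host_config() is a hypothetical helper name.

/**
 * Map a Host header to a config-<host>.php file inside $confDir.
 * Returns the absolute path, or null if the header is unusable.
 */
function resolve_host_config(string $rawHost, string $confDir): ?string
{
    // Drop an optional :port and normalise case.
    $host = strtolower(preg_replace('/:\d+$/', '', $rawHost));

    // Accept only DNS hostname syntax: labels of [a-z0-9-] joined by dots.
    // This rejects '/', '\', NUL bytes, '..' and empty labels.
    $label = '[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?';
    if (strlen($host) > 253 || !preg_match("/\\A$label(?:\\.$label)*\\z/", $host)) {
        return null;
    }

    // Resolve symlinks and confirm the file really lives in $confDir.
    $base = realpath($confDir);
    $path = realpath("$confDir/config-$host.php");
    if ($base === false || $path === false || dirname($path) !== $base) {
        return null;
    }
    return $path;
}

// Constructed sample input: a throwaway directory with one valid config file.
$dir = sys_get_temp_dir() . '/wp-conf-demo-' . getmypid();
mkdir($dir);
file_put_contents("$dir/config-blog.example.org.php", "<?php // constructed\n");

$samples = ['blog.example.org', 'Blog.Example.Org:8080', '../elsewhere/x', "a\0b", 'missing.example.org'];
foreach ($samples as $h) {
    $result = resolve_host_config($h, $dir);
    printf("%-26s => %s\n", json_encode($h), $result ?? 'rejected');
}

unlink("$dir/config-blog.example.org.php");
rmdir($dir);
```

A caller would include the returned path only when it is non-null and fall back to a fixed default configuration otherwise.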