Mandriva Linux Security Advisory : wordpress (MDVSA-2013:189)

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote Mandriva Linux host is missing a security update.

Description :

Updated wordpress package fixes security vulnerabilities :

A denial of service flaw was found in the way Wordpress, a blog tool
and publishing platform, performed hash computation when checking
password for password protected blog posts. A remote attacker could
provide a specially- crafted input that, when processed by the
password checking mechanism of Wordpress would lead to excessive CPU
consumption (CVE-2013-2173).

Inadequate SSRF protection for HTTP requests where the user can
provide a URL can allow for attacks against the intranet and other
sites. This is a continuation of work related to CVE-2013-0235, which
was specific to SSRF in pingback requests and was fixed in 3.5.1
(CVE-2013-2199).

Inadequate checking of a user's capabilities could allow them to
publish posts when their user role should not allow for it; and to
assign posts to other authors (CVE-2013-2200).

Inadequate escaping allowed an administrator to trigger a cross-site
scripting vulnerability through the uploading of media files and
plugins (CVE-2013-2201).

The processing of an oEmbed response is vulnerable to an XXE
(CVE-2013-2202).

If the uploads directory is not writable, error message data returned
via XHR will include a full path to the directory (CVE-2013-2203).

Content Spoofing in the MoxieCode (TinyMCE) MoxiePlayer project
(CVE-2013-2204).

Cross-domain XSS in SWFUpload (CVE-2013-2205).

See also :

http://advisories.mageia.org/MGASA-2013-0198.html

Solution :

Update the affected wordpress package.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 3.2
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now