FreeBSD : wordpress -- multiple vulnerabilities (5e135178-8aeb-11e4-801f-0022156e8794)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

MITRE reports :

wp-login.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x
before 3.9.3, and 4.x before 4.0.1 might allow remote attackers to
reset passwords by leveraging access to an e-mail account that
received a password-reset message.

wp-includes/http.php in WordPress before 3.7.5, 3.8.x before 3.8.5,
3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to
conduct server-side request forgery (SSRF) attacks by referring to a
127.0.0.0/8 resource.

WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and
4.x before 4.0.1 might allow remote attackers to obtain access to an
account idle since 2008 by leveraging an improper PHP dynamic type
comparison for an MD5 hash.

Cross-site scripting (XSS) vulnerability in WordPress before 3.7.5,
3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows
remote attackers to inject arbitrary web script or HTML via a crafted
Cascading Style Sheets (CSS) token sequence in a post.

Cross-site scripting (XSS) vulnerability in Press This in WordPress
before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before
4.0.1 allows remote attackers to inject arbitrary web script or HTML
via unspecified vectors

wp-includes/class-phpass.php in WordPress before 3.7.5, 3.8.x before
3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote
attackers to cause a denial of service (CPU consumption) via a long
password that is improperly handled during hashing, a similar issue to
CVE-2014-9016.

Cross-site request forgery (CSRF) vulnerability in wp-login.php in
WordPress 3.7.4, 3.8.4, 3.9.2, and 4.0 allows remote attackers to
hijack the authentication of arbitrary users for requests that reset
passwords.

See also :

http://www.nessus.org/u?73ec5e89

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 80350 ()

Bugtraq ID:

CVE ID: CVE-2014-9033
CVE-2014-9034
CVE-2014-9035
CVE-2014-9036
CVE-2014-9037
CVE-2014-9038
CVE-2014-9039

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now