WordPress < 1.2.1 'wp-login.php' HTTP Response Splitting

Medium Nessus Network Monitor Plugin ID 2356

Synopsis

The remote WordPress server is vulnerable to a HTTP 'splitting' attack.

Description

Versions of WordPress prior to 1.2.1 are vulnerable to an HTTP-splitting attack where an attacker can insert CRLF characters and then entice an unsuspecting user into accessing the URL. The client will parse and possibly act on the secondary header that was supplied by the attacker.

Solution

Upgrade to version 1.2.1 or higher.

Plugin Details

Severity: Medium

ID: 2356

File Name: 2356.prm

Family: CGI

Published: 2004/10/07

Modified: 2016/01/21

Dependencies: 9035

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 5

Temporal Score: 4.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Temporal Vector: CVSS2#E:H/RL:OF/RC:C

CVSSv3

Base Score: 5.3

Temporal Score: 5.1

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Temporal Vector: CVSS3#E:H/RL:O/RC:C

Reference Information

CVE: CVE-2004-1584

BID: 11348

OSVDB: 10595