LinuxSecurity.com
Mandriva: 2013:239: wordpress
Posted by Benjamin D. Thomas
 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2013:239
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : wordpress
 Date    : September 19, 2013
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Updated wordpress and php-phpmailer packages fix security
 vulnerabilities:
 
 wp-includes/functions.php in WordPress before 3.6.1 does not properly
 determine whether data has been serialized, which allows remote
 attackers to execute arbitrary code by triggering erroneous PHP
 unserialize operations (CVE-2013-4338).
 
 WordPress before 3.6.1 does not properly validate URLs before use in
 an HTTP redirect, which allows remote attackers to bypass intended
 redirection restrictions via a crafted string (CVE-2013-4339).
 
 wp-admin/includes/post.php in WordPress before 3.6.1 allows remote
 authenticated users to spoof the authorship of a post by leveraging the
 Author role and providing a modified user_ID parameter (CVE-2013-4340).
 
 The get_allowed_mime_types function in wp-includes/functions.php in
 WordPress before 3.6.1 does not require the unfiltered_html capability
 for uploads of .htm and .html files, which might make it easier for
 remote authenticated users to conduct cross-site scripting (XSS)
 attacks via a crafted file (CVE-2013-5738).
 
 The default configuration of WordPress before 3.6.1 does not prevent
 uploads of .swf and .exe files, which might make it easier for remote
 authenticated users to conduct cross-site scripting (XSS) attacks
 via a crafted file, related to the get_allowed_mime_types function
 in wp-includes/functions.php (CVE-2013-5739).
 
 Additionally, php-phpmailer has been updated to a newer version
 required by the updated wordpress.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4338
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4339
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4340
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5738
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5739
 http://advisories.mageia.org/MGASA-2013-0285.html
 _______________________________________________________________________

 Updated Packages:

 Mandriva Business Server 1/X86_64:
 20b778e4dce88394ba3fe60f3db38ec6  mbs1/x86_64/php-phpmailer-5.2.7-0.20130917.1.mbs1.noarch.rpm
 9174445e9a2e76973bcbea3909ba8af7  mbs1/x86_64/wordpress-3.6.1-1.mbs1.noarch.rpm 
 afb38d03fc53350c03eba38eaea6561b  mbs1/SRPMS/php-phpmailer-5.2.7-0.20130917.1.mbs1.src.rpm
 ca3d0d9e13aacf26feab9382d20a0560  mbs1/SRPMS/wordpress-3.6.1-1.mbs1.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
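 When packages are fetched by hand (for instance with wget from a mirror) and installed with rpm directly, none of the automatic md5/GPG verification that urpmi performs takes place. The script below is an added example, not part of the Mandriva advisory or its tooling: it reads "md5sum  path" lines in the format of the "Updated Packages" section above, skips headings and underscore rules, and reports every missing or mismatched file. The fixture it builds uses constructed stand-in files and computed checksums, not the real RPMs or the md5 values printed in the advisory.

```shell
#!/bin/sh
# Added example (not Mandriva's code): check locally downloaded packages
# against the "md5  relative/path" lines an advisory lists.

# verify_md5_list LISTFILE BASEDIR
#   LISTFILE: lines of "<md5>  <relative path>" (advisory format; other
#             lines such as headings and underscore rules are ignored)
#   BASEDIR:  directory the relative paths are resolved against
#   Returns 0 when every listed file exists and matches, 1 otherwise.
verify_md5_list() {
    list=$1
    base=$2
    status=0
    while read -r expected relpath; do
        case "$expected" in
            ''|\#*) continue ;;                 # blank lines and comments
        esac
        [ "${#expected}" -eq 32 ] || continue   # not a checksum line
        file="$base/$relpath"
        if [ ! -f "$file" ]; then
            echo "MISSING  $relpath"
            status=1
            continue
        fi
        actual=$(md5sum "$file" | awk '{print $1}')
        if [ "$actual" = "$expected" ]; then
            echo "OK       $relpath"
        else
            echo "MISMATCH $relpath (expected $expected, got $actual)"
            status=1
        fi
    done < "$list"
    return $status
}

# make_fixture: constructed stand-in files (not real RPMs) plus a checksum
# list in the advisory's format, so the verifier can be exercised offline.
# Prints the fixture directory.
make_fixture() {
    dir=$(mktemp -d)
    mkdir -p "$dir/mbs1/x86_64"
    printf 'stand-in for wordpress rpm\n' \
        > "$dir/mbs1/x86_64/wordpress-3.6.1-1.mbs1.noarch.rpm"
    printf 'stand-in for phpmailer rpm\n' \
        > "$dir/mbs1/x86_64/php-phpmailer-5.2.7-0.20130917.1.mbs1.noarch.rpm"
    {
        echo " Mandriva Business Server 1/X86_64:"
        (cd "$dir" && md5sum mbs1/x86_64/*.rpm)
        echo " _______________________________________________________________________"
    } > "$dir/checksums.txt"
    echo "$dir"
}

# Usage: sh verify-advisory.sh checksums.txt /path/to/downloads
if [ "$#" -eq 2 ]; then
    verify_md5_list "$1" "$2"
fi
```

 A non-zero exit means at least one file should not be installed; the script deliberately keeps going after the first failure so the whole list is reported in one run. Note that md5 alone only detects corruption or a mirror serving the wrong file; the GPG signature check described above is what ties a package to Mandriva.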

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/en/support/security/advisories/

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________
 
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.