• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

kses Multiple Input Validation Vulnerabilities

Bugtraq ID:	28599
Class:	Input Validation Error
CVE:	CVE-2008-1502
Remote:	Yes
Local:	No
Published:	Apr 03 2008 12:00AM
Updated:	Oct 09 2009 11:49PM
Credit:	Lukasz Pilorz
Vulnerable:	WordPress Wordpress (B2) 0.6.2 .1 WordPress Wordpress (B2) 0.6.2 WordPress WordPress 2.3.3 WordPress WordPress 2.3.2 WordPress WordPress 2.3.1 WordPress WordPress 2.2.3 WordPress WordPress 2.2.2 WordPress WordPress 2.2.1 WordPress WordPress 2.2.1 WordPress WordPress 2.1.3 WordPress WordPress 2.1.3 WordPress WordPress 2.1.2 WordPress WordPress 2.1.1 WordPress WordPress 2.0.11 WordPress WordPress 2.0.10 WordPress WordPress 2.0.7 WordPress WordPress 2.0.6 WordPress WordPress 2.0.5 WordPress WordPress 2.0.4 WordPress WordPress 2.0.3 WordPress WordPress 2.0.2 WordPress WordPress 2.0.1 WordPress WordPress 2.0 WordPress WordPress 1.5.2 WordPress WordPress 1.5.1 .3 WordPress WordPress 1.5.1 .2 WordPress WordPress 1.5.1 WordPress WordPress 1.5 WordPress WordPress 1.3.1 WordPress WordPress 1.2.2 WordPress WordPress 1.2.1 + Gentoo Linux WordPress WordPress 1.2 + Gentoo Linux 1.4 + Gentoo Linux WordPress WordPress 0.71 WordPress WordPress 0.7 WordPress WordPress 2.3 WordPress WordPress 2.2 Revision 5003 WordPress WordPress 2.2 Revision 5002 WordPress WordPress 2.2 WordPress WordPress 2.1.3-RC2 WordPress WordPress 2.1.3-RC1 WordPress WordPress 2.1 WordPress WordPress 2.0.10-RC2 WordPress WordPress 2.0.10-RC1 Ubuntu Ubuntu Linux 8.04 LTS sparc Ubuntu Ubuntu Linux 8.04 LTS powerpc Ubuntu Ubuntu Linux 8.04 LTS lpia Ubuntu Ubuntu Linux 8.04 LTS i386 Ubuntu Ubuntu Linux 8.04 LTS amd64 Ubuntu Ubuntu Linux 7.10 sparc Ubuntu Ubuntu Linux 7.10 powerpc Ubuntu Ubuntu Linux 7.10 lpia Ubuntu Ubuntu Linux 7.10 i386 Ubuntu Ubuntu Linux 7.10 amd64 S.u.S.E. openSUSE 10.3 S.u.S.E. openSUSE 10.2 RedHat Fedora 8 0 Moodle moodle 1.8.4 Moodle moodle 1.8.3 Moodle moodle 1.7.1 Moodle moodle 1.6.2 Moodle moodle 1.6.1 Moodle moodle 1.6 dev Moodle moodle 1.5.2 Moodle moodle 1.5.1 Moodle moodle 1.5 Moodle moodle 1.4.3 Moodle moodle 1.4.2 Moodle moodle 1.4.1 Moodle moodle 1.3.4 Moodle moodle 1.3.3 Moodle moodle 1.3.2 Moodle moodle 1.3.1 Moodle moodle 1.3 Moodle moodle 1.6.1 + MandrakeSoft Corporate Server 3.0 x86_64 MandrakeSoft Corporate Server 3.0 kses kses 0.2.2 Gentoo Linux eGroupWare eGroupWare 1.4.2 eGroupWare eGroupWare 1.4.1 eGroupWare eGroupWare 1.0.6 eGroupWare eGroupWare 1.0.3 eGroupWare eGroupWare 1.0.1 eGroupWare eGroupWare 1.0 .0.009 eGroupWare eGroupWare 1.0 .0.007 + Debian Linux 3.1 sparc + Debian Linux 3.1 s/390 + Debian Linux 3.1 ppc + Debian Linux 3.1 mipsel + Debian Linux 3.1 mips + Debian Linux 3.1 m68k + Debian Linux 3.1 ia-64 + Debian Linux 3.1 ia-32 + Debian Linux 3.1 hppa + Debian Linux 3.1 arm + Debian Linux 3.1 amd64 + Debian Linux 3.1 alpha + Debian Linux 3.1 + Gentoo Linux eGroupWare eGroupWare 1.0 eGroupWare eGroupWare 1.2.107-2 eGroupWare eGroupWare 1.2.106-2 Dokeos Open Source Learning & Knowledge Management Tool 1.8.4 SP2 Dokeos Open Source Learning & Knowledge Management Tool 1.8.4 Dokeos Open Source Learning & Knowledge Management Tool 1.8.4 Dokeos Open Source Learning & Knowledge Management Tool 1.8.4 Dokeos Open Source Learning & Knowledge Management Tool 1.8 Dokeos Open Source Learning & Knowledge Management Tool 1.8 Dokeos Open Source Learning & Knowledge Management Tool 1.6.5 Dokeos Open Source Learning & Knowledge Management Tool 1.6.4 Dokeos Open Source Learning & Knowledge Management Tool 1.6 RC2 Dokeos Open Source Learning & Knowledge Management Tool 1.5.5 Dokeos Open Source Learning & Knowledge Management Tool 1.5.4 Dokeos Open Source Learning & Knowledge Management Tool 1.5.3 Dokeos Open Source Learning & Knowledge Management Tool 1.5 Dokeos Open Source Learning & Knowledge Management Tool 1.4 Dokeos Open Source Learning & Knowledge Management Tool 1.8.4 SP1 Dokeos Open Source Learning & Knowledge Management Tool 1.6.4 (P1) Dokeos Open Source Learning & Knowledge Management 1.8.4 Dokeos Open Source Learning & Knowledge Management 1.8 Dokeos Open Source Learning & Knowledge Management 1.8.4 SP3 Dokeos Open Source Learning & Knowledge Management 1.8.4 SP1 Debian Linux 5.0 sparc Debian Linux 5.0 s/390 Debian Linux 5.0 powerpc Debian Linux 5.0 mipsel Debian Linux 5.0 mips Debian Linux 5.0 m68k Debian Linux 5.0 ia-64 Debian Linux 5.0 ia-32 Debian Linux 5.0 hppa Debian Linux 5.0 armel Debian Linux 5.0 arm Debian Linux 5.0 amd64 Debian Linux 5.0 alpha Debian Linux 5.0 Debian Linux 4.0 sparc Debian Linux 4.0 s/390 Debian Linux 4.0 powerpc Debian Linux 4.0 mipsel Debian Linux 4.0 mips Debian Linux 4.0 m68k Debian Linux 4.0 ia-64 Debian Linux 4.0 ia-32 Debian Linux 4.0 hppa Debian Linux 4.0 armel Debian Linux 4.0 arm Debian Linux 4.0 amd64 Debian Linux 4.0 alpha Debian Linux 4.0 BEA Systems Weblogic Proxy Plugin 1.5.3 + BEA Systems Weblogic Proxy Plugin 1.5.3
Not Vulnerable:	WordPress WordPress 2.5 Moodle moodle 1.8.5 Moodle moodle 1.9 eGroupWare eGroupWare 1.4.3 Dokeos Open Source Learning & Knowledge Management Tool 1.8.4 SP3