WordPress Lost Password SQL Column Truncation Unauthorized Access Vulnerability

Bugtraq ID: 31068
Class: Design Error
CVE: CVE-2008-4106
Remote: Yes
Local: No
Published: Sep 08 2008 12:00AM
Updated: Aug 24 2009 05:52PM
Credit: Stefan Esser, irk4z
Vulnerable: WordPress WordPress 2.6.1
Red Hat Fedora 9
Red Hat Fedora 8
Debian Linux 5.0 sparc
Debian Linux 5.0 s/390
Debian Linux 5.0 powerpc
Debian Linux 5.0 mipsel
Debian Linux 5.0 mips
Debian Linux 5.0 m68k
Debian Linux 5.0 ia-64
Debian Linux 5.0 ia-32
Debian Linux 5.0 hppa
Debian Linux 5.0 armel
Debian Linux 5.0 arm
Debian Linux 5.0 amd64
Debian Linux 5.0 alpha
Debian Linux 5.0
Debian Linux 4.0 sparc
Debian Linux 4.0 s/390
Debian Linux 4.0 powerpc
Debian Linux 4.0 mipsel
Debian Linux 4.0 mips
Debian Linux 4.0 m68k
Debian Linux 4.0 ia-64
Debian Linux 4.0 ia-32
Debian Linux 4.0 hppa
Debian Linux 4.0 armel
Debian Linux 4.0 arm
Debian Linux 4.0 amd64
Debian Linux 4.0 alpha
Debian Linux 4.0
Not Vulnerable: WordPress WordPress 2.6.2


 

Privacy Statement
Copyright 2010, SecurityFocus