[wp-hackers] 1.5.2 SQL Injection
Podz
podz at tamba2.org.uk
Mon Mar 6 15:52:43 GMT 2006
http://www.gentoo.org/security/en/glsa/glsa-200603-01.xml
Description
Patrik Karlsson reported that WordPress 1.5.2 makes use of an
insufficiently filtered User Agent string in SQL queries related to
comments posting. This vulnerability was already fixed in the 2.0-series
of WordPress.
Impact
An attacker could send a comment with a malicious User Agent parameter,
resulting in SQL injection and potentially in the subversion of the
WordPress database. This vulnerability wouldn't affect WordPress sites
which do not allow comments or which require that comments go through a
moderator.
Reported in the forums:
http://wordpress.org/support/topic/63734?replies=3#post-339189
There are a lot of people still using 1.5.2
Can this be patched so an upgrade does not have to be the response ?
An announcement is also called for surely ?
P.
More information about the wp-hackers
mailing list