[wp-trac] Re: [WordPress Trac] #3257: SQL Injection vulnerability
picked up by nessus (wpoison)
WordPress Trac
wp-trac at lists.automattic.com
Tue Oct 17 13:14:36 GMT 2006
#3257: SQL Injection vulnerability picked up by nessus (wpoison)
----------------------+-----------------------------------------------------
Reporter: rwillmer | Owner: anonymous
Type: defect | Status: closed
Priority: normal | Milestone:
Component: Security | Version: 2.0.2
Severity: major | Resolution: invalid
Keywords: |
----------------------+-----------------------------------------------------
Changes (by westi):
* status: new => closed
* resolution: => invalid
Comment:
I have installed nessus and run a scan against my local 2.0.5-beta1
sandbox install and do not get this report shown up.
{{{
NESSUS SECURITY SCAN REPORT
Created 17.10.2006 Sorted by host names
Session Name : WordPress
Start Time : 17.10.2006 14:10:39
Finish Time : 17.10.2006 14:10:40
Elapsed Time : 0 day(s) 00:00:00
Plugins used in this scan:
Id Name
----------------------------------------------------------------------------
11139 wpoison (nasl version)
Total security holes found : 0
high severity : 0
Medium severity : 0
informational : 0
Scanned hosts:
Name High Low Info
------------------------------------------------
release.wp.sandbox.ftwr.co.uk 0 0 0
}}}
It is possible that this is a issue that has already been fixed.
If required I can install 2.0.2 and run the same test.
Closing as INVALID.
--
Ticket URL: <http://trac.wordpress.org/ticket/3257#comment:3>
WordPress Trac <http://wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list