WordPress 3.5.1, Denial of Service

看板Bugtraq作者時間12年前 (2013/06/13 02:01), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串3/4 (看更多)
--Apple-Mail=_B3B19972-2CCC-459B-B083-2372157C5D86 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii Version 3.5.1 (latest) of popular blogging engine WordPress suffers from = remote denial of service vulnerability. The bug exists in encryption = module (class-phpass.php). The exploitation of this vulnerability is = possible only when at least one post is protected by a password. Time frames: 31.05.2013 WordPress security team has been informed about the = vulnerability (no response). 07.06.2013 The vulnerability has been released to the public. More information (including proof of concept): https://vndh.net/note:wordpress-351-denial-service A way out (before official WordPress update) to secure existing = installations is to apply the following patch: --- wp-includes/class-phpass.php +++ wp-includes/class-phpass.php @@ -120,7 +120,7 @@ return $output; =20 $count_log2 =3D strpos($this->itoa64, $setting[3]); - if ($count_log2 < 7 || $count_log2 > 30) + if ($count_log2 < 7 || $count_log2 > 13) return $output; =20 $count =3D 1 << $count_log2;= --Apple-Mail=_B3B19972-2CCC-459B-B083-2372157C5D86 Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP using GPGMail -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.19 (Darwin) iQIcBAEBCgAGBQJRsgp8AAoJEEJGP6nEM7RcGY8P/iV6Tj9Ll99zb/Sz/JIMB9Hy +vBHRp5IDLXQP9BzHfcryEQrKhCQW2Z2Elqm5d2pdH239CNTBrPMpHAo7GaNIeb4 8oaVcMOl0YAMJqm1xx/mzQeJ64WH4SyKZStz81K+0hNqN0Vq1pCsJMCHlXiCYDDj jmS/K78w6sbTf+u1X0sy7DLDYdsUQSW1ZbTp7PHh0P0ONw0VD7drbNlkiJzISnTc eUe/noQd6gcPQyg9zhuvMrl2NH2f+pWIokPGXuAdVS/AUBRl/TiS7SAWm7PpzbWr FbSEhwmQ2fpQGGLnFJpvoJVaVGtiTXN/SS9R4viwWWUJMRHNpBBs51hFbbHYZDZt Jfa1Yewp+KeXUgMQzJGxxgd+ireHkI/yNW0g3g+Rf+mKR/9wecbCaQibjUndyMSi w36ynrbvjq/sWxm0WfSojMU8M+Uro1fYoq1ZA0FR2Je9E8d7SWN4KRYxKJeA3/PX XgEKlLSLbBjOoig0ElJmTnGy/78ZK4n0AQJlPzzflDnfK3+VBpxi26hUhz+xRK37 EDb+ZJlP8dhz8t94kJx0xZ9ZQauMEro8SCAaSctFUhn4IVMbNdq09wwzNzLIGc2D X2iAP2sO1FXJqLA955PXLQzCB1F5NbzZIqNb1HuuLbMB+zmfwfOoZ+a0iQQcaK6a Pf0FRQYqleJZCzH4s62Z =jSm+ -----END PGP SIGNATURE----- --Apple-Mail=_B3B19972-2CCC-459B-B083-2372157C5D86--
更多 vnd. 的文章
文章代碼(AID): #1HkBTWF2 (Bugtraq)
更多 vnd. 的文章
文章代碼(AID): #1HkBTWF2 (Bugtraq)