1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
|
PublicDate: 2007-01-29
Candidate: CVE-2007-0541
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0541
Description:
WordPress allows remote attackers to determine the existence of arbitrary
files, and possibly read portions of certain files, via pingback service
calls with a source URI that corresponds to a local pathname, which
triggers different fault codes for existing and non-existing files, and in
certain configurations causes a brief file excerpt to be published as a
blog comment.
Ubuntu-Description:
Notes:
Bugs:
dapper_wordpress: ignored (reached end-of-life)
edgy_wordpress: needed (reached end-of-life)
feisty_wordpress: not-affected
gutsy_wordpress: not-affected
hardy_wordpress: not-affected
intrepid_wordpress: not-affected
jaunty_wordpress: not-affected
karmic_wordpress: not-affected
devel_wordpress: not-affected
upstream_wordpress: released (2.0.8)
|