FreeBSD Ports: Wordpress Network Vulnerability

Summary

The remote host is missing an update to the system as announced in the referenced advisory.

Solution

Update your system with the appropriate patches or software upgrades. http://www.cvedetails.com/cve/CVE-2010-4257/ http://www.vuxml.org/freebsd/8c93e997-30e0-11e0-b300-485d605f4717.html

Insight

The following packages are affected: wordpress de-wordpress zh-wordpress-zh_CN zh-wordpress-zh_TW CVE-2010-4257 SQL injection vulnerability in the do_trackbacks function in wp-includes/comment.php in WordPress before 3.0.2 allows remote authenticated users to execute arbitrary SQL commands via the Send Trackbacks field.

Severity

Classification

CVE CVE-2010-4257

CVSS	Base Score: 6.0 AV:N/AC:M/Au:S/C:P/I:P/A:P

Related Vulnerabilities

FreeBSD Ports: clamav
FreeBSD Ports: apache
FreeBSD Ports: bugzilla, ja-bugzilla
django -- cross-site scripting vulnerability
FreeBSD Ports: apache

FreeBSD Ports: wordpress

Take action and discover your vulnerabilities