|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200608-19] WordPress: Privilege escalation Vulnerability Scan
Vulnerability Scan Summary WordPress: Privilege escalation
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200608-19
(WordPress: Privilege escalation)
The WordPress developers have confirmed a vulnerability in capability
checking for tests.
Impact
By exploiting a flaw, a user can circumvent WordPress access
restrictions when using tests. The actual impact depends on the
configuration of WordPress and may range from trivial to critical,
possibly even the execution of arbitrary PHP code.
Workaround
There is no known workaround at this time.
Solution:
All WordPress users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-apps/wordpress-2.0.4"
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|