Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 28 Jul 2014 19:10:34 -0400 (EDT)
From: cve-assign@...re.org
To: henri@...v.fi
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE request: WordPress plugin vitamin traversal arbitrary file access

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> Can I get 2012 CVE for WordPress plugin vitamin path parameter traversal
> arbitrary file access vulnerability, thanks. Files: add_headers.php, minify.php
> 
> Affected: 1.0
> Fixed in: 1.1
> 
> Changelog: http://wordpress.org/plugins/vitamin/changelog/
> SCM: https://plugins.trac.wordpress.org/changeset/582232/vitamin

Use CVE-2012-6651. The scope of this CVE ID is the directory
traversal. It isn't directly about the ability to access .php
and .phtml files in unpatched versions, apparently corrected with
lines such as:

  if( 'php' == strtolower($ext) ) { die("Adding headers to php files is forbidden"); }

We did not research that in depth, but suspect that it may be a
usability fix rather than a security fix.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJT1tc9AAoJEKllVAevmvmsbRwIAJhf/l3HLBx5f4HgY2yEozXF
alxy3DonvvENWr05OlFwLZI90MsYV+V4bvtFA9Qpnsun/Q202qu+/xWfhj6/2LKf
7FRS/7gSsdjUQSuSmyjgO8NpfW7y41D8Zt/+O9hjGj8K5FCuDjoBkuSblJvfW8x7
Lo/mZPrvyrjcSL5ZhUpff++IiLUo0yBWVddu2ehii2o9fjtPTQA2PCa6wZIdgoHv
Mv7p2QRVPvVubfM83WoxmpUq7uukNFYTnPivVgaqw9VqMKHNw6gJlD9o877AJOTk
HCTYa8cL16P85OlVqC2KR/0K+jwcyrtrIQGPBlR9px69TXa/HVsmzmsJSdD/Bzs=
=cnlx
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ